Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-1065 (GCVE-0-2018-1065)
Vulnerability from cvelistv5
Published
2018-03-02 08:00
Modified
2024-08-05 03:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- NULL pointer dereference
Summary
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Linux kernel 4.15.0-rc9 |
Version: Linux kernel 4.15.0-rc9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:47.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040446",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040446"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"name": "USN-3656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel 4.15.0-rc9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux kernel 4.15.0-rc9"
}
]
}
],
"datePublic": "2018-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NULL pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-31T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1040446",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040446"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"name": "USN-3656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1065",
"datePublished": "2018-03-02T08:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T03:51:47.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-1065\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-03-02T08:29:00.257\",\"lastModified\":\"2024-11-21T03:59:06.303\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.\"},{\"lang\":\"es\",\"value\":\"El subsistema netfilter en el kernel de Linux, hasta la versi\u00f3n 4.15.7, gestiona de manera incorrecta el caso de una regla blob que contiene un salto pero carece de una cadena definida por el usuario. Esto permite que usuarios locales provoquen una denegaci\u00f3n de servicio (DoS) aprovechando las capacidades CAP_NET_RAW o CAP_NET_ADMIN, relacionadas con arpt_do_table en net/ipv4/netfilter/arp_tables.c, ipt_do_table en net/ipv4/netfilter/ip_tables.c y ip6t_do_table en net/ipv6/netfilter/ip6_tables.c.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":4.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.7\",\"matchCriteriaId\":\"87875BCC-05C4-4C72-AB6B-5FD9E4E74521\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.openwall.net/netdev/2018/01/27/46\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://patchwork.ozlabs.org/patch/870355/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1040446\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1547824\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3654-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/3654-2/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/3656-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4188\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.openwall.net/netdev/2018/01/27/46\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://patchwork.ozlabs.org/patch/870355/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1040446\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1547824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3654-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3654-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3656-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2018:1855-1
Vulnerability from csaf_suse
Published
2018-06-29 14:41
Modified
2018-06-29 14:41
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO
ioctl (bsc#1096728).
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353).
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers
(bsc#1087095).
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007).
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012).
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904).
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900).
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962).
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895).
The following non-security bugs were fixed:
- ALSA: timer: Fix pause event notification (bsc#973378).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fix the patch content (bsc#1085185)
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
Patchnames
SUSE-OpenStack-Cloud-7-2018-1251,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1251,SUSE-SLE-SAP-12-SP2-2018-1251,SUSE-SLE-SERVER-12-SP2-2018-1251,SUSE-Storage-4-2018-1251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO\n ioctl (bsc#1096728).\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353).\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers\n (bsc#1087095).\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007).\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012).\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904).\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900).\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962).\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895).\n\nThe following non-security bugs were fixed:\n\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fix the patch content (bsc#1085185)\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-7-2018-1251,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1251,SUSE-SLE-SAP-12-SP2-2018-1251,SUSE-SLE-SERVER-12-SP2-2018-1251,SUSE-Storage-4-2018-1251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1855-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1855-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181855-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1855-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004236.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-06-29T14:41:33Z",
"generator": {
"date": "2018-06-29T14:41:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1855-1",
"initial_release_date": "2018-06-29T14:41:33Z",
"revision_history": [
{
"date": "2018-06-29T14:41:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product_id": "kernel-devel-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product_id": "kernel-macros-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product_id": "kernel-source-4.4.121-92.85.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-base-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-devel-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-syms-4.4.121-92.85.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-base-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-devel-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-man-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.s390x",
"product_id": "kernel-syms-4.4.121-92.85.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product_id": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
}
]
}
suse-su-2018:1816-1
Vulnerability from csaf_suse
Published
2018-06-26 11:39
Modified
2018-06-26 11:39
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.138 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by
calling setxattr twice with two different extended attribute names on the same
file. This vulnerability could be triggered by an unprivileged user with the
ability to create files and execute programs (bsc#1097234)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers
to obtain potentially sensitive information from kernel memory, aka a
write_mmio stack-based out-of-bounds read (bnc#1073311)
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution
and speculative execution of memory reads the addresses of all prior memory
writes are known may have allowed unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis, aka Speculative
Store Bypass (SSB), Variant 4 (bsc#1087082).
- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability
allowing local users with access to the udldrmfb driver to obtain full read and
write permissions on kernel physical pages, resulting in a code execution in
kernel space (bsc#1090643).
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353)
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers
(bsc#1087095)
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007)
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012)
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904)
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900)
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650)
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962)
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895)
The following non-security bugs were fixed:
- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).
- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).
- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).
- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).
- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).
- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).
- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).
- ALSA: aloop: Add missing cable lock to ctl API callbacks (bnc#1012382).
- ALSA: aloop: Mark paused device as inactive (bnc#1012382).
- ALSA: asihpi: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: control: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: control: fix a redundant-copy issue (bnc#1012382).
- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).
- ALSA: hda - New VIA controller suppor no-snoop path (bnc#1012382).
- ALSA: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).
- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).
- ALSA: hda/realtek - Add some fixes for ALC233 (bnc#1012382).
- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).
- ALSA: hda: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: hdspm: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: line6: Use correct endpoint type for midi output (bnc#1012382).
- ALSA: opl3: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).
- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).
- ALSA: pcm: Check PCM state at xfern compat ioctl (bnc#1012382).
- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).
- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).
- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).
- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).
- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).
- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).
- ALSA: rme9652: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bnc#1012382).
- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).
- ALSA: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).
- ALSA: timer: Fix pause event notification (bnc#1012382 bsc#973378).
- ALSA: timer: Fix pause event notification (bsc#973378).
- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).
- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).
- ALSA: vmaster: Propagate slave error (bnc#1012382).
- ARC: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).
- ARM: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).
- ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).
- ARM: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).
- ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).
- ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).
- ARM: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).
- ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).
- ARM: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).
- ARM: OMAP: Fix dmtimer init for omap1 (bnc#1012382).
- ARM: amba: Do not read past the end of sysfs 'driver_override' buffer (bnc#1012382).
- ARM: amba: Fix race condition with driver_override (bnc#1012382).
- ARM: amba: Make driver_override output consistent with other buses (bnc#1012382).
- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).
- ARM: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).
- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).
- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).
- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).
- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).
- ASoC: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).
- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).
- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).
- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).
- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).
- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).
- Btrfs: Fix possible softlock on single core machines (bnc#1012382).
- Btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).
- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).
- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).
- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).
- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).
- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).
- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).
- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).
- Btrfs: fix xattr loss after power failure (bnc#1012382).
- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).
- Btrfs: set plug for fsync (bnc#1012382).
- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).
- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).
- Correct the prefix in references tag in previous patches (bsc#1041740).
- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).
- ENABLE_IBRS clobbers %rax which it shouldn't do
- Enable uinput driver (bsc#1092566).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fixes typo for (watchdog: hpwdt: Update nmi_panic message) (bsc#1085185).
- Force log to disk before reading the AGF during a fstrim (bnc#1012382).
- HID: Fix hid_report_len usage (bnc#1012382).
- HID: core: Fix size as type u32 (bnc#1012382).
- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).
- HID: i2c-hid: fix size check and type usage (bnc#1012382).
- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).
- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).
- IB/mlx5: Use unlimited rate when static rate is not supported (bnc#1012382).
- IB/srp: Fix completion vector assignment algorithm (bnc#1012382).
- IB/srp: Fix srp_abort() (bnc#1012382).
- Input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).
- Input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).
- Input: ALPS - fix trackstick button handling on V8 devices (git-fixes).
- Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).
- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bnc#1012382).
- Input: drv260x - fix initializing overdrive voltage (bnc#1012382).
- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).
- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).
- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).
- Input: leds - fix out of bound access (bnc#1012382).
- KEYS: DNS: limit the length of option strings (bnc#1012382).
- KVM: Fix spelling mistake: 'cop_unsuable' -> 'cop_unusable' (bnc#1012382).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).
- KVM: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).
- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).
- KVM: s390: Enable all facility bits that are known good for passthrough (bnc#1012382 bsc#1073059 bsc#1076805).
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- KVM: x86: introduce linear_{read,write}_system (bnc#1012382).
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).
- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).
- MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs (bnc#1012382).
- MIPS: Octeon: Fix logging messages with spurious periods after newlines (bnc#1012382).
- MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS (bnc#1012382).
- MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset (bnc#1012382).
- MIPS: memset.S: EVA and fault support for small_memset (bnc#1012382).
- MIPS: memset.S: Fix clobber of v1 in last_fixup (bnc#1012382).
- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup (bnc#1012382).
- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests (bnc#1012382).
- MIPS: ptrace: Expose FIR register through FP regset (bnc#1012382).
- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs (bnc#1012382).
- MIPS: uaccess: Add micromips clobbers to bzero invocation (bnc#1012382).
- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bnc#1012382).
- NFC: llcp: Limit size of SDP URI (bnc#1012382).
- NFSv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).
- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).
- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).
- PCI: Restore config space on runtime resume despite being unbound (bnc#1012382).
- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094268).
- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).
- RDMA/mlx5: Protect from shift operand overflow (bnc#1012382).
- RDMA/qedr: Fix doorbell bar mapping for dpi > 1 (bsc#1022604).
- RDMA/ucma: Allow resolving address w/o specifying source address (bnc#1012382).
- RDMA/ucma: Correct option size check using optlen (bnc#1012382).
- RDMA/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).
- RDS: IB: Fix null pointer issue (bnc#1012382).
- Revert 'ARM: dts: imx6qdl-wandboard: Fix audio channel swap' (bnc#1012382).
- Revert 'Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174' (bnc#1012382).
- Revert 'KVM: Fix stack-out-of-bounds read in write_mmio' (bnc#1083635).
- Revert 'ath10k: rebuild crypto header in rx data frames' (kabi).
- Revert 'ath10k: send (re)assoc peer command when NSS changed' (bnc#1012382).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- Revert 'ima: limit file hash setting by user to fix and log modes' (bnc#1012382).
- Revert 'ipc/shm: Fix shmat mmap nil-page protection' (bnc#1012382).
- Revert 'perf tests: Decompress kernel module before objdump' (bnc#1012382).
- Revert 'vti4: Do not override MTU passed on link creation via IFLA_MTU' (bnc#1012382).
- Revert 'watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).' This reverts commit 3e75a004de79c213a2c919144da3d413922661db.
- Revert 'x86/fpu: Hard-disable lazy FPU mode' (compatibility).
- USB: Accept bulk endpoints with 1024-byte maxpacket (bnc#1012382 bsc#1092888).
- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).
- USB: Increment wakeup count on remote wakeup (bnc#1012382).
- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).
- USB: serial: cp210x: add ID for NI USB serial console (bnc#1012382).
- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).
- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).
- USB: serial: option: Add support for Quectel EP06 (bnc#1012382).
- USB: serial: option: adding support for ublox R410M (bnc#1012382).
- USB: serial: option: reimplement interface masking (bnc#1012382).
- USB: serial: simple: add libtransistor console (bnc#1012382).
- USB: serial: visor: handle potential invalid device configuration (bnc#1012382).
- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).
- Update config files, add expoline for s390x (bsc#1089393).
- af_key: Always verify length of provided sadb_key (bnc#1012382).
- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).
- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).
- arm64: Add 'ssbd' command-line option (bsc#1085308).
- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).
- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).
- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).
- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).
- arm64: alternatives: Add dynamic patching feature (bsc#1085308).
- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).
- arm64: do not call C code with el0's fp register (bsc#1085308).
- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).
- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).
- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).
- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).
- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).
- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).
- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).
- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).
- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).
- asm-generic: provide generic_pmdp_establish() (bnc#1012382).
- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).
- ath10k: rebuild crypto header in rx data frames (bnc#1012382).
- ath9k_hw: check if the chip failed to wake up (bnc#1012382).
- atm: zatm: Fix potential Spectre v1 (bnc#1012382).
- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).
- audit: return on memory error to avoid null pointer dereference (bnc#1012382).
- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).
- autofs: change autofs4_wait() to take struct path (bsc#1086716).
- autofs: mount point create should honour passed in mode (bnc#1012382).
- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).
- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).
- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).
- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).
- batman-adv: fix packet checksum in receive path (bnc#1012382).
- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).
- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).
- bcache: fix for allocator and register thread race (bnc#1012382).
- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).
- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).
- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).
- bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).
- bcache: return attach error when no cache set exist (bnc#1012382).
- bdi: Fix oops in wb_workfn() (bnc#1012382).
- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)
- block/loop: fix deadlock after loop_set_status (bnc#1012382).
- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).
- block: sanity check for integrity intervals (bsc#1091728).
- bnx2x: use the right constant (bnc#1012382).
- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).
- bonding: do not allow rlb updates to invalid mac (bnc#1012382).
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).
- bpf: map_get_next_key to return first key on NULL (bnc#1012382).
- brcmfmac: Fix check for ISO3166 code (bnc#1012382).
- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).
- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bnc#1012382).
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).
- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).
- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).
- ceph: adding protection for showing cap reservation info (bsc#1089115).
- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).
- ceph: check if mds create snaprealm when setting quota (bsc#1089115).
- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).
- ceph: do not check quota for snap inode (bsc#1089115).
- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).
- ceph: fix race of queuing delayed caps (bsc#1096214).
- ceph: fix root quota realm check (bsc#1089115).
- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).
- ceph: fix st_nlink stat for directories (bsc#1093904).
- ceph: quota: add counter for snaprealms with quota (bsc#1089115).
- ceph: quota: add initial infrastructure to support cephfs quotas (bsc#1089115).
- ceph: quota: cache inode pointer in ceph_snap_realm (bsc#1089115).
- ceph: quota: do not allow cross-quota renames (bsc#1089115).
- ceph: quota: report root dir quota usage in statfs (bsc#1089115).
- ceph: quota: support for ceph.quota.max_bytes (bsc#1089115).
- ceph: quota: support for ceph.quota.max_files (bsc#1089115).
- ceph: quota: update MDS when max_bytes is approaching (bsc#1089115).
- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).
- cfg80211: further limit wiphy names to 64 bytes (git-fixes).
- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).
- cifs: Use file_dentry() (bsc#1093008).
- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).
- clk: Do not show the incorrect clock phase (bnc#1012382).
- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).
- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).
- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).
- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).
- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).
- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).
- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).
- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).
- config: arm64: enable Spectre-v4 per-thread mitigation
- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).
- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).
- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).
- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).
- crypto: af_alg - fix possible uninit-value in alg_bind() (bnc#1012382).
- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).
- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).
- cxgb4: Setup FW queues before registering netdev (bsc#1022743).
- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).
- dccp: fix tasklet usage (bnc#1012382).
- dccp: initialize ireq->ir_mark (bnc#1012382).
- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).
- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).
- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).
- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).
- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).
- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).
- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).
- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).
- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).
- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).
- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).
- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).
- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).
- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).
- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).
- drm/virtio: fix vq wait_event condition (bnc#1012382).
- drm/vmwgfx: Fix a buffer object leak (bnc#1012382).
- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).
- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).
- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bnc#1012382).
- enic: enable rq before updating rq descriptors (bnc#1012382).
- enic: set DMA mask to 47 bit (bnc#1012382).
- ext2: fix a block leak (bnc#1012382).
- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).
- ext4: add validity checks for bitmap block numbers (bnc#1012382).
- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).
- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).
- ext4: fix bitmap position validation (bnc#1012382).
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).
- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).
- fanotify: fix logic of events on child (bnc#1012382).
- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).
- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).
- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).
- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).
- fix io_destroy()/aio_complete() race (bnc#1012382).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).
- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).
- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).
- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).
- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).
- futex: futex_wake_op, do not fail on invalid op (git-fixes).
- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).
- getname_kernel() needs to make sure that ->name != ->iname in long case (bnc#1012382).
- gfs2: Fix fallocate chunk size (bnc#1012382).
- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).
- gpio: No NULL owner (bnc#1012382).
- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).
- gpmi-nand: Handle ECC Errors in erased pages (bnc#1012382).
- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).
- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).
- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).
- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).
- hwrng: stm32 - add reset during probe (bnc#1012382).
- hwtracing: stm: fix build error on some arches (bnc#1012382).
- hypfs_kill_super(): deal with failed allocations (bnc#1012382).
- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).
- i2c: rcar: check master irqs before slave irqs (bnc#1012382).
- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).
- i2c: rcar: init new messages in irq (bnc#1012382).
- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).
- i2c: rcar: refactor setup of a msg (bnc#1012382).
- i2c: rcar: remove spinlock (bnc#1012382).
- i2c: rcar: remove unused IOERROR state (bnc#1012382).
- i2c: rcar: revoke START request early (bnc#1012382).
- i2c: rcar: rework hw init (bnc#1012382).
- ibmvnic: Check CRQ command return codes (bsc#1094840).
- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).
- ibmvnic: Create separate initialization routine for resets (bsc#1094840).
- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).
- ibmvnic: Fix partial success login retries (bsc#1094840).
- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).
- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).
- ibmvnic: Handle error case when setting link state (bsc#1094840).
- ibmvnic: Introduce active CRQ state (bsc#1094840).
- ibmvnic: Introduce hard reset recovery (bsc#1094840).
- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).
- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).
- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).
- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).
- iio:kfifo_buf: check for uint overflow (bnc#1012382).
- ima: Fallback to the builtin hash algorithm (bnc#1012382).
- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).
- init: fix false positives in W+X checking (bsc#1096982).
- iommu/vt-d: Fix a potential memory leak (bnc#1012382).
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).
- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).
- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).
- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799).
- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).
- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).
- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).
- ipv4: remove warning in ip_recv_error (bnc#1012382).
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (bnc#1012382).
- irda: fix overly long udelay() (bnc#1012382).
- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).
- isdn: eicon: fix a missing-check bug (bnc#1012382).
- jbd2: fix use after free in kjournald2() (bnc#1012382).
- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (bnc#1012382 git-fixes).
- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).
- kABI: work around BPF SSBD removal (bsc#1087082).
- kabi: vfs: Restore dentry_operations->d_manage (bsc#1086716).
- kasan: fix memory hotplug during boot (bnc#1012382).
- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).
- kconfig: Do not leak main menus during parsing (bnc#1012382).
- kconfig: Fix automatic menu creation mem leak (bnc#1012382).
- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).
- kdb: make 'mdr' command repeat (bnc#1012382).
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).
- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).
- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, ).
- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- kobject: do not use WARN for registration failures (bnc#1012382).
- kvm: Fix nopvspin static branch init usage (bsc#1056427).
- kvm: Introduce nopvspin kernel parameter (bsc#1056427).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).
- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).
- l2tp: revert 'l2tp: fix missing print session offset info' (bnc#1012382).
- lan78xx: Correctly indicate invalid OTP (bnc#1012382).
- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bnc#1012382).
- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).
- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).
- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).
- libceph: fix misjudgement of maximum monitor number (bsc#1089115).
- libceph: reschedule a tick in finish_hunting() (bsc#1089115).
- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).
- libceph: validate con->state at the top of try_write() (bsc#1089115).
- libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment
- libnvdimm, namespace: use a safe lookup for dimm device name
- libnvdimm, pfn: fix start_pad handling for aligned namespaces
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299).
- llc: better deal with too small mtu (bnc#1012382).
- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).
- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).
- llc: hold llc_sap before release_sock() (bnc#1012382).
- llc: properly handle dev_queue_xmit() return value (bnc#1012382).
- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).
- locking/qspinlock: Ensure node->count is updated before initialising node (bnc#1012382).
- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).
- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).
- loop: handle short DIO reads (bsc#1094177).
- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).
- mac80211: Add RX flag to indicate ICV stripped (bnc#1012382).
- mac80211: allow not sending MIC up from driver for HW crypto (bnc#1012382).
- mac80211: allow same PN for AMSDU sub-frames (bnc#1012382).
- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).
- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).
- md/raid1: fix NULL pointer dereference (bnc#1012382).
- md: document lifetime of internal rdev pointer (bsc#1056415).
- md: fix two problems with setting the 're-add' device state (bsc#1089023).
- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).
- md: raid5: avoid string overflow warning (bnc#1012382).
- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).
- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).
- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).
- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).
- media: em28xx: USB bulk packet size fix (bnc#1012382).
- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).
- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).
- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).
- mm/ksm: fix interaction with THP (bnc#1012382).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).
- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).
- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).
- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).
- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (-- VM bnc#1012382 bnc#971975 generic performance read).
- mm: filemap: remove redundant code in do_read_cache_page (-- VM bnc#1012382 bnc#971975 generic performance read).
- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).
- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).
- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).
- mmap: introduce sane default mmap limits (bnc#1012382).
- mmap: relax file size limit for regular files (bnc#1012382).
- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).
- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).
- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).
- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).
- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).
- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).
- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).
- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).
- net/mlx5: Protect from command bit overflow (bnc#1012382).
- net/packet: refine check for priv area size (bnc#1012382).
- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).
- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).
- net: Fix untag for vlan packets without ethernet header (bnc#1012382).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).
- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).
- net: atm: Fix potential Spectre v1 (bnc#1012382).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).
- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).
- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).
- net: fix rtnh_ok() (bnc#1012382).
- net: fix uninit-value in __hw_addr_add_ex() (bnc#1012382).
- net: initialize skb->peeked when cloning (bnc#1012382).
- net: metrics: add proper netlink validation (bnc#1012382).
- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).
- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).
- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).
- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).
- net: test tailroom before appending to linear skb (bnc#1012382).
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).
- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).
- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).
- netdev-FAQ: clarify DaveM's position for stable backports (bnc#1012382).
- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).
- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).
- netlink: fix uninit-value in netlink_sendmsg (bnc#1012382).
- nfit, address-range-scrub: fix scrub in-progress reporting
- nfit: fix region registration vs block-data-window ranges
- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).
- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).
- nvme-pci: Fix EEH failure on ppc (bsc#1093533).
- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).
- nvme: target: fix buffer overflow (bsc#993388).
- ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute (bnc#1012382).
- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1070404).
- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).
- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1070404).
- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).
- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).
- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).
- packet: fix bitfield update race (bnc#1012382).
- packet: fix reserve calculation (bnc#1012382 git-fixes).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (bnc#1012382).
- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).
- parisc: Fix out of array access in match_pci_device() (bnc#1012382).
- percpu: include linux/sched.h for cond_resched() (bnc#1012382).
- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).
- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).
- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).
- perf intel-pt: Fix sync_switch (bnc#1012382).
- perf intel-pt: Fix timestamp following overflow (bnc#1012382).
- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).
- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).
- perf/cgroup: Fix child event counting bug (bnc#1012382).
- perf/core: Fix perf_output_read_group() (bnc#1012382).
- perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] (bnc#1012382).
- perf/core: Fix the perf_cpu_time_max_percent check (bnc#1012382).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bnc#1012382).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bnc#1012382).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bnc#1012382).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bnc#1012382).
- perf: Remove superfluous allocation error check (bnc#1012382).
- perf: Return proper values for user stack errors (bnc#1012382).
- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).
- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).
- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).
- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).
- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).
- powerpc/64s: Clear PCR on boot (bnc#1012382).
- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).
- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).
- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).
- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).
- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).
- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).
- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).
- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).
- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).
- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).
- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).
- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).
- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).
- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).
- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).
- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).
- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).
- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).
- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).
- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).
- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).
- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).
- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).
- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).
- powerpc: conditionally compile platform-specific serial drivers (bsc#1066223).
- powerpc: signals: Discard transaction state from signal frames (bsc#1094059).
- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).
- proc read mm's {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).
- proc: fix /proc/*/map_files lookup (bnc#1012382).
- proc: meminfo: estimate available memory more conservatively (-- VM bnc#1012382 functionality monitoring space user).
- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).
- qed: Fix LL2 race during connection terminate (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix mask for physical address in ILT entry (bnc#1012382).
- qed: Fix possibility of list corruption during rmmod flows (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: LL2 flush isles when connection is closed (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Fix ref-cnt usage count (bsc#1019695 bsc#1019699 bsc#1022604).
- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).
- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).
- r8152: add Linksys USB3GIGV1 id (bnc#1012382).
- r8152: fix tx packets accounting (bnc#1012382).
- r8169: fix powering up RTL8168h (bnc#1012382).
- radeon: hide pointless #warning when compile testing (bnc#1012382).
- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).
- regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' (bsc#1091960).
- regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' (bnc#1012382).
- regulatory: add NUL to request alpha2 (bnc#1012382).
- resource: fix integer overflow at reallocation (bnc#1012382).
- rfkill: gpio: fix memory leak in probe error path (bnc#1012382).
- rpc_pipefs: fix double-dput() (bnc#1012382).
- rpm/config.sh: build against SP3 in OBS as well.
- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).
- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).
- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex (bnc#1012382).
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).
- rtnetlink: validate attributes in do_setlink() (bnc#1012382).
- s390/alternative: use a copy of the facility bit mask (bnc#1012382).
- s390/cio: clear timer when terminating driver I/O (bnc#1012382).
- s390/cio: fix return code after missing interrupt (bnc#1012382).
- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero ( bnc#1012382 bnc#1094532).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1094532, ).
- s390/dasd: fix IO error for newly defined devices (bnc#1093144, ).
- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).
- s390/ftrace: use expoline for indirect branches (bnc#1012382).
- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).
- s390/kernel: use expoline for indirect branches (bnc#1012382).
- s390/lib: use expoline for indirect branches (bnc#1012382).
- s390/qdio: do not merge ERROR output buffers (bnc#1012382).
- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).
- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).
- s390/qdio: fix access to uninitialized qdio_q fields ( bnc#1012382 bnc#1094532).
- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1094532, ).
- s390/qeth: consolidate errno translation (bnc#1093144, ).
- s390/qeth: fix MAC address update sequence (bnc#1093144, ).
- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, ).
- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).
- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).
- s390: add assembler macros for CPU alternatives (bnc#1012382).
- s390: add automatic detection of the spectre defense (bnc#1012382).
- s390: add optimized array_index_mask_nospec (bnc#1012382).
- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).
- s390: add sysfs attributes for spectre (bnc#1012382).
- s390: correct module section names for expoline code revert (bnc#1012382).
- s390: correct nospec auto detection init order (bnc#1012382).
- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).
- s390: enable CPU alternatives unconditionally (bnc#1012382).
- s390: extend expoline to BC instructions (bnc#1012382).
- s390: introduce execute-trampolines for branches (bnc#1012382).
- s390: move expoline assembler macros to a header (bnc#1012382).
- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).
- s390: move spectre sysfs attribute code (bnc#1012382).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).
- s390: report spectre mitigation via syslog (bnc#1012382).
- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).
- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).
- s390: use expoline thunks in the BPF JIT (bnc#1012382).
- sched/rt: Fix rq->clock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).
- scsi: aacraid: Correct hba_send to include iu_type (bsc#1022607).
- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).
- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).
- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).
- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).
- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).
- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).
- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).
- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).
- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).
- scsi: mptsas: Disable WRITE SAME (bnc#1012382).
- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).
- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).
- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).
- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).
- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).
- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).
- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).
- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).
- scsi: zfcp: fix infinite iteration on ERP ready list ( bnc#1012382 bnc#1094532).
- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1094532, ).
- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).
- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: fix the issue that the cookie-ack with auth can't get processed (bnc#1012382).
- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).
- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).
- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).
- selftests: Print the test we're running to /dev/kmsg (bnc#1012382).
- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).
- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).
- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).
- selftests: memfd: add config fragment for fuse (bnc#1012382).
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).
- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: mctrl_gpio: Add missing module license (bnc#1012382).
- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).
- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).
- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).
- sh: New gcc support (bnc#1012382).
- sh: fix debug trap failure to process signals before return to user (bnc#1012382).
- signals: avoid unnecessary taking of sighand->siglock (-- Scheduler bnc#1012382 bnc#978907 performance signals).
- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).
- slip: Check if rstate is initialized before uncompressing (bnc#1012382).
- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).
- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).
- soreuseport: initialise timewait reuseport field (bnc#1012382).
- sparc64: Fix build warnings with gcc 7 (bnc#1012382).
- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).
- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).
- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).
- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).
- staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr (bnc#1012382).
- stm class: Use vmalloc for the master map (bnc#1012382).
- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).
- sunvnet: does not support GSO for sctp (bnc#1012382).
- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).
- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).
- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).
- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).
- tcp: do not read out-of-bounds opsize (bnc#1012382).
- tcp: fix TCP_REPAIR_QUEUE bound checking (bnc#1012382).
- tcp: ignore Fast Open on repair mode (bnc#1012382).
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).
- tcp: purge write queue in tcp_connect_init() (bnc#1012382).
- team: avoid adding twice the same option to the event list (bnc#1012382).
- team: fix netconsole setup over team (bnc#1012382).
- team: use netdev_features_t instead of u32 (bnc#1012382).
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).
- test_firmware: fix setting old custom fw path back on exit, second try (bnc#1012382).
- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).
- there is probably a place where forcing _IBRS_OFF is missed (or is too late) and therefore ENABLE_IBRS is sometimes called early during boot while it should not. Let's drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012
- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).
- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).
- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).
- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).
- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).
- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).
- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).
- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).
- tools/thermal: tmon: fix for segfault (bnc#1012382).
- tpm: do not suspend/resume if power stays on (bnc#1012382).
- tpm: self test failure should not cause suspend to fail (bnc#1012382).
- tracepoint: Do not warn on ENOMEM (bnc#1012382).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).
- tracing/uprobe_event: Fix strncpy corner case (bnc#1012382).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).
- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).
- tracing: Fix regex_match_front() to not over compare the test string (bnc#1012382).
- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).
- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).
- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).
- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bnc#1012382).
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).
- ubi: Fix error for write access (bnc#1012382).
- ubi: Reject MLC NAND (bnc#1012382).
- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).
- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).
- udf: Provide saner default for invalid uid / gid (bnc#1012382).
- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).
- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).
- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).
- usb: dwc2: Fix interval type issue (bnc#1012382).
- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).
- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).
- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).
- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).
- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).
- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).
- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).
- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).
- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).
- usb: musb: fix enumeration after resume (bnc#1012382).
- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).
- usb: musb: host: fix potential NULL pointer dereference (bnc#1012382).
- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).
- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).
- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).
- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).
- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).
- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).
- vfio-pci: Virtualize PCIe and AF FLR (bnc#1012382).
- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).
- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).
- vfs: add path_has_submounts() (bsc#1086716).
- vfs: add path_is_mountpoint() helper (bsc#1086716).
- vfs: change d_manage() to take a struct path (bsc#1086716).
- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).
- virtio: add ability to iterate over vqs (bnc#1012382).
- virtio_console: free buffers after reset (bnc#1012382).
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi (bnc#1012382).
- vmscan: do not force-scan file lru if its absolute size is small (-- VM bnc#1012382 page performance reclaim).
- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).
- vti4: Do not count header length twice on tunnel setup (bnc#1012382).
- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).
- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).
- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).
- watchdog: hpwdt: Modify to use watchdog core (bsc#1085185).
- watchdog: hpwdt: Update Module info and copyright (bsc#1085185).
- watchdog: hpwdt: Update nmi_panic message (bsc#1085185).
- watchdog: hpwdt: condition early return of NMI handler on iLO5 (bsc#1085185).
- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).
- workqueue: use put_device() instead of kfree() (bnc#1012382).
- writeback: safer lock nesting (bnc#1012382).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bnc#1012382).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).
- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: make intel_rds_mask() honor X86_FEATURE_SSBD (bsc#1094019).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).
- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).
- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).
- x86/devicetree: Initialize device tree before using it (bnc#1012382).
- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).
- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).
- x86/fpu: Revert ('x86/fpu: Disable AVX when eagerfpu is off') (bnc#1012382).
- x86/hweight: Do not clobber %rdi (bnc#1012382).
- x86/hweight: Get rid of the special calling convention (bnc#1012382).
- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).
- x86/pkeys: Do not special case protection key 0 (1041740).
- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).
- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263).
- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263).
- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263).
- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).
- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263).
- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263).
- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263
- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263).
- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263).
- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).
- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).
- xen-netfront: Fix hang on device removal (bnc#1012382).
- xen-netfront: Fix race between device setup and open (bnc#1012382).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).
- xen/acpi: off by one in read_acpi_id() (bnc#1012382).
- xen/grant-table: Use put_page instead of free_page (bnc#1012382).
- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).
- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).
- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).
- xfrm_user: fix return value from xfrm_user_rcv_msg (bnc#1012382).
- xfs: always verify the log tail during recovery (bsc#1036215).
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).
- xfs: detect and trim torn writes during log recovery (bsc#1036215).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
- xfs: fix endianness error when checking log block crc on big endian platforms (bsc#1094405, bsc#1036215).
- xfs: fix incorrect log_flushed on fsync (bnc#1012382).
- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).
- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).
- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).
- xfs: prevent creating negative-sized file via INSERT_RANGE (bnc#1012382).
- xfs: refactor and open code log record crc check (bsc#1036215).
- xfs: refactor log record start detection into a new helper (bsc#1036215).
- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).
- xfs: return start block of first bad log record during recovery (bsc#1036215).
- xfs: support a crc verification only log record pass (bsc#1036215).
- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).
- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).
- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).
- zorro: Set up z->dev.dma_mask for the DMA API (bnc#1012382).
Patchnames
SUSE-SLE-RT-12-SP3-2018-1224
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.138 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by\n calling setxattr twice with two different extended attribute names on the same\n file. This vulnerability could be triggered by an unprivileged user with the\n ability to create files and execute programs (bsc#1097234)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers\n to obtain potentially sensitive information from kernel memory, aka a\n write_mmio stack-based out-of-bounds read (bnc#1073311)\n- CVE-2018-3639: Systems with microprocessors utilizing speculative execution\n and speculative execution of memory reads the addresses of all prior memory\n writes are known may have allowed unauthorized disclosure of information to an\n attacker with local user access via a side-channel analysis, aka Speculative\n Store Bypass (SSB), Variant 4 (bsc#1087082).\n- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability\n allowing local users with access to the udldrmfb driver to obtain full read and\n write permissions on kernel physical pages, resulting in a code execution in\n kernel space (bsc#1090643).\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353)\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers\n (bsc#1087095)\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007)\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012)\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904)\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900)\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650)\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962)\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895)\n\nThe following non-security bugs were fixed:\n\n- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).\n- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).\n- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).\n- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).\n- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).\n- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).\n- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).\n- ALSA: aloop: Add missing cable lock to ctl API callbacks (bnc#1012382).\n- ALSA: aloop: Mark paused device as inactive (bnc#1012382).\n- ALSA: asihpi: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: control: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: control: fix a redundant-copy issue (bnc#1012382).\n- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).\n- ALSA: hda - New VIA controller suppor no-snoop path (bnc#1012382).\n- ALSA: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).\n- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).\n- ALSA: hda/realtek - Add some fixes for ALC233 (bnc#1012382).\n- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).\n- ALSA: hda: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: hdspm: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: line6: Use correct endpoint type for midi output (bnc#1012382).\n- ALSA: opl3: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).\n- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).\n- ALSA: pcm: Check PCM state at xfern compat ioctl (bnc#1012382).\n- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).\n- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).\n- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).\n- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).\n- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).\n- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).\n- ALSA: rme9652: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bnc#1012382).\n- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).\n- ALSA: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).\n- ALSA: timer: Fix pause event notification (bnc#1012382 bsc#973378).\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).\n- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).\n- ALSA: vmaster: Propagate slave error (bnc#1012382).\n- ARC: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).\n- ARM: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).\n- ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).\n- ARM: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).\n- ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).\n- ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).\n- ARM: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).\n- ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).\n- ARM: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).\n- ARM: OMAP: Fix dmtimer init for omap1 (bnc#1012382).\n- ARM: amba: Do not read past the end of sysfs \u0027driver_override\u0027 buffer (bnc#1012382).\n- ARM: amba: Fix race condition with driver_override (bnc#1012382).\n- ARM: amba: Make driver_override output consistent with other buses (bnc#1012382).\n- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).\n- ARM: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).\n- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).\n- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).\n- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).\n- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).\n- ASoC: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).\n- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).\n- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).\n- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).\n- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).\n- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).\n- Btrfs: Fix possible softlock on single core machines (bnc#1012382).\n- Btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).\n- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).\n- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).\n- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).\n- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).\n- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).\n- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).\n- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).\n- Btrfs: fix xattr loss after power failure (bnc#1012382).\n- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).\n- Btrfs: set plug for fsync (bnc#1012382).\n- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).\n- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).\n- Correct the prefix in references tag in previous patches (bsc#1041740).\n- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).\n- ENABLE_IBRS clobbers %rax which it shouldn\u0027t do\n- Enable uinput driver (bsc#1092566).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fixes typo for (watchdog: hpwdt: Update nmi_panic message) (bsc#1085185).\n- Force log to disk before reading the AGF during a fstrim (bnc#1012382).\n- HID: Fix hid_report_len usage (bnc#1012382).\n- HID: core: Fix size as type u32 (bnc#1012382).\n- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).\n- HID: i2c-hid: fix size check and type usage (bnc#1012382).\n- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).\n- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).\n- IB/mlx5: Use unlimited rate when static rate is not supported (bnc#1012382).\n- IB/srp: Fix completion vector assignment algorithm (bnc#1012382).\n- IB/srp: Fix srp_abort() (bnc#1012382).\n- Input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).\n- Input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).\n- Input: ALPS - fix trackstick button handling on V8 devices (git-fixes).\n- Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).\n- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bnc#1012382).\n- Input: drv260x - fix initializing overdrive voltage (bnc#1012382).\n- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).\n- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).\n- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).\n- Input: leds - fix out of bound access (bnc#1012382).\n- KEYS: DNS: limit the length of option strings (bnc#1012382).\n- KVM: Fix spelling mistake: \u0027cop_unsuable\u0027 -\u003e \u0027cop_unusable\u0027 (bnc#1012382).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).\n- KVM: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).\n- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).\n- KVM: s390: Enable all facility bits that are known good for passthrough (bnc#1012382 bsc#1073059 bsc#1076805).\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- KVM: x86: introduce linear_{read,write}_system (bnc#1012382).\n- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).\n- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).\n- MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs (bnc#1012382).\n- MIPS: Octeon: Fix logging messages with spurious periods after newlines (bnc#1012382).\n- MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS (bnc#1012382).\n- MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset (bnc#1012382).\n- MIPS: memset.S: EVA and fault support for small_memset (bnc#1012382).\n- MIPS: memset.S: Fix clobber of v1 in last_fixup (bnc#1012382).\n- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup (bnc#1012382).\n- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests (bnc#1012382).\n- MIPS: ptrace: Expose FIR register through FP regset (bnc#1012382).\n- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs (bnc#1012382).\n- MIPS: uaccess: Add micromips clobbers to bzero invocation (bnc#1012382).\n- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bnc#1012382).\n- NFC: llcp: Limit size of SDP URI (bnc#1012382).\n- NFSv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).\n- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).\n- PCI: Restore config space on runtime resume despite being unbound (bnc#1012382).\n- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094268).\n- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).\n- RDMA/mlx5: Protect from shift operand overflow (bnc#1012382).\n- RDMA/qedr: Fix doorbell bar mapping for dpi \u003e 1 (bsc#1022604).\n- RDMA/ucma: Allow resolving address w/o specifying source address (bnc#1012382).\n- RDMA/ucma: Correct option size check using optlen (bnc#1012382).\n- RDMA/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).\n- RDS: IB: Fix null pointer issue (bnc#1012382).\n- Revert \u0027ARM: dts: imx6qdl-wandboard: Fix audio channel swap\u0027 (bnc#1012382).\n- Revert \u0027Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174\u0027 (bnc#1012382).\n- Revert \u0027KVM: Fix stack-out-of-bounds read in write_mmio\u0027 (bnc#1083635).\n- Revert \u0027ath10k: rebuild crypto header in rx data frames\u0027 (kabi).\n- Revert \u0027ath10k: send (re)assoc peer command when NSS changed\u0027 (bnc#1012382).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- Revert \u0027ima: limit file hash setting by user to fix and log modes\u0027 (bnc#1012382).\n- Revert \u0027ipc/shm: Fix shmat mmap nil-page protection\u0027 (bnc#1012382).\n- Revert \u0027perf tests: Decompress kernel module before objdump\u0027 (bnc#1012382).\n- Revert \u0027vti4: Do not override MTU passed on link creation via IFLA_MTU\u0027 (bnc#1012382).\n- Revert \u0027watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).\u0027 This reverts commit 3e75a004de79c213a2c919144da3d413922661db.\n- Revert \u0027x86/fpu: Hard-disable lazy FPU mode\u0027 (compatibility).\n- USB: Accept bulk endpoints with 1024-byte maxpacket (bnc#1012382 bsc#1092888).\n- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).\n- USB: Increment wakeup count on remote wakeup (bnc#1012382).\n- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).\n- USB: serial: cp210x: add ID for NI USB serial console (bnc#1012382).\n- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).\n- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).\n- USB: serial: option: Add support for Quectel EP06 (bnc#1012382).\n- USB: serial: option: adding support for ublox R410M (bnc#1012382).\n- USB: serial: option: reimplement interface masking (bnc#1012382).\n- USB: serial: simple: add libtransistor console (bnc#1012382).\n- USB: serial: visor: handle potential invalid device configuration (bnc#1012382).\n- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).\n- Update config files, add expoline for s390x (bsc#1089393).\n- af_key: Always verify length of provided sadb_key (bnc#1012382).\n- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).\n- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).\n- arm64: Add \u0027ssbd\u0027 command-line option (bsc#1085308).\n- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).\n- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).\n- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).\n- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).\n- arm64: alternatives: Add dynamic patching feature (bsc#1085308).\n- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).\n- arm64: do not call C code with el0\u0027s fp register (bsc#1085308).\n- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).\n- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).\n- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).\n- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).\n- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).\n- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).\n- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).\n- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).\n- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).\n- asm-generic: provide generic_pmdp_establish() (bnc#1012382).\n- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).\n- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).\n- ath10k: rebuild crypto header in rx data frames (bnc#1012382).\n- ath9k_hw: check if the chip failed to wake up (bnc#1012382).\n- atm: zatm: Fix potential Spectre v1 (bnc#1012382).\n- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).\n- audit: return on memory error to avoid null pointer dereference (bnc#1012382).\n- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).\n- autofs: change autofs4_wait() to take struct path (bsc#1086716).\n- autofs: mount point create should honour passed in mode (bnc#1012382).\n- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).\n- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).\n- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).\n- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).\n- batman-adv: fix packet checksum in receive path (bnc#1012382).\n- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).\n- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).\n- bcache: fix for allocator and register thread race (bnc#1012382).\n- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).\n- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).\n- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).\n- bcache: quit dc-\u003ewriteback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).\n- bcache: return attach error when no cache set exist (bnc#1012382).\n- bdi: Fix oops in wb_workfn() (bnc#1012382).\n- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)\n- block/loop: fix deadlock after loop_set_status (bnc#1012382).\n- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).\n- block: sanity check for integrity intervals (bsc#1091728).\n- bnx2x: use the right constant (bnc#1012382).\n- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).\n- bonding: do not allow rlb updates to invalid mac (bnc#1012382).\n- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).\n- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).\n- bpf: map_get_next_key to return first key on NULL (bnc#1012382).\n- brcmfmac: Fix check for ISO3166 code (bnc#1012382).\n- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).\n- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bnc#1012382).\n- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).\n- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).\n- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).\n- ceph: adding protection for showing cap reservation info (bsc#1089115).\n- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).\n- ceph: check if mds create snaprealm when setting quota (bsc#1089115).\n- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).\n- ceph: do not check quota for snap inode (bsc#1089115).\n- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).\n- ceph: fix race of queuing delayed caps (bsc#1096214).\n- ceph: fix root quota realm check (bsc#1089115).\n- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).\n- ceph: fix st_nlink stat for directories (bsc#1093904).\n- ceph: quota: add counter for snaprealms with quota (bsc#1089115).\n- ceph: quota: add initial infrastructure to support cephfs quotas (bsc#1089115).\n- ceph: quota: cache inode pointer in ceph_snap_realm (bsc#1089115).\n- ceph: quota: do not allow cross-quota renames (bsc#1089115).\n- ceph: quota: report root dir quota usage in statfs (bsc#1089115).\n- ceph: quota: support for ceph.quota.max_bytes (bsc#1089115).\n- ceph: quota: support for ceph.quota.max_files (bsc#1089115).\n- ceph: quota: update MDS when max_bytes is approaching (bsc#1089115).\n- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).\n- cfg80211: further limit wiphy names to 64 bytes (git-fixes).\n- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).\n- cifs: Use file_dentry() (bsc#1093008).\n- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).\n- clk: Do not show the incorrect clock phase (bnc#1012382).\n- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).\n- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).\n- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).\n- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).\n- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).\n- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).\n- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).\n- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).\n- config: arm64: enable Spectre-v4 per-thread mitigation\n- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).\n- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).\n- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).\n- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).\n- crypto: af_alg - fix possible uninit-value in alg_bind() (bnc#1012382).\n- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).\n- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).\n- cxgb4: Setup FW queues before registering netdev (bsc#1022743).\n- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).\n- dccp: fix tasklet usage (bnc#1012382).\n- dccp: initialize ireq-\u003eir_mark (bnc#1012382).\n- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).\n- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).\n- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).\n- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).\n- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).\n- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).\n- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).\n- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).\n- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).\n- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).\n- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).\n- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).\n- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).\n- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).\n- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).\n- drm/virtio: fix vq wait_event condition (bnc#1012382).\n- drm/vmwgfx: Fix a buffer object leak (bnc#1012382).\n- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).\n- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).\n- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).\n- efi: Avoid potential crashes, fix the \u0027struct efi_pci_io_protocol_32\u0027 definition for mixed mode (bnc#1012382).\n- enic: enable rq before updating rq descriptors (bnc#1012382).\n- enic: set DMA mask to 47 bit (bnc#1012382).\n- ext2: fix a block leak (bnc#1012382).\n- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).\n- ext4: add validity checks for bitmap block numbers (bnc#1012382).\n- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).\n- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).\n- ext4: fix bitmap position validation (bnc#1012382).\n- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).\n- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).\n- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).\n- fanotify: fix logic of events on child (bnc#1012382).\n- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).\n- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).\n- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).\n- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).\n- fix io_destroy()/aio_complete() race (bnc#1012382).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).\n- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).\n- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).\n- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).\n- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).\n- futex: futex_wake_op, do not fail on invalid op (git-fixes).\n- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).\n- getname_kernel() needs to make sure that -\u003ename != -\u003einame in long case (bnc#1012382).\n- gfs2: Fix fallocate chunk size (bnc#1012382).\n- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).\n- gpio: No NULL owner (bnc#1012382).\n- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).\n- gpmi-nand: Handle ECC Errors in erased pages (bnc#1012382).\n- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).\n- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).\n- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).\n- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).\n- hwrng: stm32 - add reset during probe (bnc#1012382).\n- hwtracing: stm: fix build error on some arches (bnc#1012382).\n- hypfs_kill_super(): deal with failed allocations (bnc#1012382).\n- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).\n- i2c: rcar: check master irqs before slave irqs (bnc#1012382).\n- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).\n- i2c: rcar: init new messages in irq (bnc#1012382).\n- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).\n- i2c: rcar: refactor setup of a msg (bnc#1012382).\n- i2c: rcar: remove spinlock (bnc#1012382).\n- i2c: rcar: remove unused IOERROR state (bnc#1012382).\n- i2c: rcar: revoke START request early (bnc#1012382).\n- i2c: rcar: rework hw init (bnc#1012382).\n- ibmvnic: Check CRQ command return codes (bsc#1094840).\n- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).\n- ibmvnic: Create separate initialization routine for resets (bsc#1094840).\n- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).\n- ibmvnic: Fix partial success login retries (bsc#1094840).\n- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).\n- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).\n- ibmvnic: Handle error case when setting link state (bsc#1094840).\n- ibmvnic: Introduce active CRQ state (bsc#1094840).\n- ibmvnic: Introduce hard reset recovery (bsc#1094840).\n- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).\n- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).\n- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).\n- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).\n- iio:kfifo_buf: check for uint overflow (bnc#1012382).\n- ima: Fallback to the builtin hash algorithm (bnc#1012382).\n- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).\n- init: fix false positives in W+X checking (bsc#1096982).\n- iommu/vt-d: Fix a potential memory leak (bnc#1012382).\n- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).\n- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).\n- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).\n- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799).\n- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).\n- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).\n- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).\n- ipv4: remove warning in ip_recv_error (bnc#1012382).\n- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (bnc#1012382).\n- irda: fix overly long udelay() (bnc#1012382).\n- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).\n- isdn: eicon: fix a missing-check bug (bnc#1012382).\n- jbd2: fix use after free in kjournald2() (bnc#1012382).\n- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).\n- jffs2: Fix use-after-free bug in jffs2_iget()\u0027s error handling path (bnc#1012382 git-fixes).\n- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).\n- kABI: work around BPF SSBD removal (bsc#1087082).\n- kabi: vfs: Restore dentry_operations-\u003ed_manage (bsc#1086716).\n- kasan: fix memory hotplug during boot (bnc#1012382).\n- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).\n- kconfig: Do not leak main menus during parsing (bnc#1012382).\n- kconfig: Fix automatic menu creation mem leak (bnc#1012382).\n- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).\n- kdb: make \u0027mdr\u0027 command repeat (bnc#1012382).\n- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).\n- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).\n- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, ).\n- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- kobject: do not use WARN for registration failures (bnc#1012382).\n- kvm: Fix nopvspin static branch init usage (bsc#1056427).\n- kvm: Introduce nopvspin kernel parameter (bsc#1056427).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).\n- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).\n- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).\n- l2tp: revert \u0027l2tp: fix missing print session offset info\u0027 (bnc#1012382).\n- lan78xx: Correctly indicate invalid OTP (bnc#1012382).\n- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bnc#1012382).\n- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).\n- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).\n- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).\n- libceph: fix misjudgement of maximum monitor number (bsc#1089115).\n- libceph: reschedule a tick in finish_hunting() (bsc#1089115).\n- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).\n- libceph: validate con-\u003estate at the top of try_write() (bsc#1089115).\n- libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment\n- libnvdimm, namespace: use a safe lookup for dimm device name\n- libnvdimm, pfn: fix start_pad handling for aligned namespaces\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299).\n- llc: better deal with too small mtu (bnc#1012382).\n- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).\n- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).\n- llc: hold llc_sap before release_sock() (bnc#1012382).\n- llc: properly handle dev_queue_xmit() return value (bnc#1012382).\n- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).\n- locking/qspinlock: Ensure node-\u003ecount is updated before initialising node (bnc#1012382).\n- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).\n- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).\n- loop: handle short DIO reads (bsc#1094177).\n- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).\n- mac80211: Add RX flag to indicate ICV stripped (bnc#1012382).\n- mac80211: allow not sending MIC up from driver for HW crypto (bnc#1012382).\n- mac80211: allow same PN for AMSDU sub-frames (bnc#1012382).\n- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).\n- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).\n- md/raid1: fix NULL pointer dereference (bnc#1012382).\n- md: document lifetime of internal rdev pointer (bsc#1056415).\n- md: fix two problems with setting the \u0027re-add\u0027 device state (bsc#1089023).\n- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).\n- md: raid5: avoid string overflow warning (bnc#1012382).\n- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).\n- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).\n- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).\n- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).\n- media: em28xx: USB bulk packet size fix (bnc#1012382).\n- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).\n- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).\n- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).\n- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).\n- mm/ksm: fix interaction with THP (bnc#1012382).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).\n- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).\n- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).\n- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).\n- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (-- VM bnc#1012382 bnc#971975 generic performance read).\n- mm: filemap: remove redundant code in do_read_cache_page (-- VM bnc#1012382 bnc#971975 generic performance read).\n- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).\n- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).\n- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).\n- mmap: introduce sane default mmap limits (bnc#1012382).\n- mmap: relax file size limit for regular files (bnc#1012382).\n- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).\n- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).\n- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).\n- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).\n- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).\n- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).\n- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).\n- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).\n- net/mlx5: Protect from command bit overflow (bnc#1012382).\n- net/packet: refine check for priv area size (bnc#1012382).\n- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).\n- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).\n- net: Fix untag for vlan packets without ethernet header (bnc#1012382).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).\n- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).\n- net: atm: Fix potential Spectre v1 (bnc#1012382).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).\n- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).\n- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).\n- net: fix rtnh_ok() (bnc#1012382).\n- net: fix uninit-value in __hw_addr_add_ex() (bnc#1012382).\n- net: initialize skb-\u003epeeked when cloning (bnc#1012382).\n- net: metrics: add proper netlink validation (bnc#1012382).\n- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).\n- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).\n- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).\n- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).\n- net: test tailroom before appending to linear skb (bnc#1012382).\n- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).\n- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).\n- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).\n- netdev-FAQ: clarify DaveM\u0027s position for stable backports (bnc#1012382).\n- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).\n- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).\n- netlink: fix uninit-value in netlink_sendmsg (bnc#1012382).\n- nfit, address-range-scrub: fix scrub in-progress reporting\n- nfit: fix region registration vs block-data-window ranges\n- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).\n- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).\n- nvme-pci: Fix EEH failure on ppc (bsc#1093533).\n- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).\n- nvme: target: fix buffer overflow (bsc#993388).\n- ocfs2/acl: use \u0027ip_xattr_sem\u0027 to protect getting extended attribute (bnc#1012382).\n- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1070404).\n- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).\n- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1070404).\n- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).\n- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).\n- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).\n- packet: fix bitfield update race (bnc#1012382).\n- packet: fix reserve calculation (bnc#1012382 git-fixes).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (bnc#1012382).\n- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).\n- parisc: Fix out of array access in match_pci_device() (bnc#1012382).\n- percpu: include linux/sched.h for cond_resched() (bnc#1012382).\n- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).\n- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).\n- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).\n- perf intel-pt: Fix sync_switch (bnc#1012382).\n- perf intel-pt: Fix timestamp following overflow (bnc#1012382).\n- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).\n- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).\n- perf/cgroup: Fix child event counting bug (bnc#1012382).\n- perf/core: Fix perf_output_read_group() (bnc#1012382).\n- perf/core: Fix possible Spectre-v1 indexing for -\u003eaux_pages[] (bnc#1012382).\n- perf/core: Fix the perf_cpu_time_max_percent check (bnc#1012382).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bnc#1012382).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bnc#1012382).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bnc#1012382).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bnc#1012382).\n- perf: Remove superfluous allocation error check (bnc#1012382).\n- perf: Return proper values for user stack errors (bnc#1012382).\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).\n- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).\n- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).\n- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).\n- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).\n- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).\n- powerpc/64s: Clear PCR on boot (bnc#1012382).\n- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).\n- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).\n- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).\n- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).\n- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).\n- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).\n- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).\n- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).\n- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).\n- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).\n- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).\n- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).\n- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).\n- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).\n- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).\n- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).\n- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).\n- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).\n- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).\n- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).\n- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).\n- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).\n- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).\n- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).\n- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041). \n- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).\n- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).\n- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).\n- powerpc: conditionally compile platform-specific serial drivers (bsc#1066223).\n- powerpc: signals: Discard transaction state from signal frames (bsc#1094059).\n- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).\n- proc read mm\u0027s {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).\n- proc: fix /proc/*/map_files lookup (bnc#1012382).\n- proc: meminfo: estimate available memory more conservatively (-- VM bnc#1012382 functionality monitoring space user).\n- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).\n- qed: Fix LL2 race during connection terminate (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix mask for physical address in ILT entry (bnc#1012382).\n- qed: Fix possibility of list corruption during rmmod flows (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: LL2 flush isles when connection is closed (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Fix ref-cnt usage count (bsc#1019695 bsc#1019699 bsc#1022604).\n- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).\n- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).\n- r8152: add Linksys USB3GIGV1 id (bnc#1012382).\n- r8152: fix tx packets accounting (bnc#1012382).\n- r8169: fix powering up RTL8168h (bnc#1012382).\n- radeon: hide pointless #warning when compile testing (bnc#1012382).\n- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).\n- regulator: gpio: Fix some error handling paths in \u0027gpio_regulator_probe()\u0027 (bsc#1091960).\n- regulator: of: Add a missing \u0027of_node_put()\u0027 in an error handling path of \u0027of_regulator_match()\u0027 (bnc#1012382).\n- regulatory: add NUL to request alpha2 (bnc#1012382).\n- resource: fix integer overflow at reallocation (bnc#1012382).\n- rfkill: gpio: fix memory leak in probe error path (bnc#1012382).\n- rpc_pipefs: fix double-dput() (bnc#1012382).\n- rpm/config.sh: build against SP3 in OBS as well.\n- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).\n- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).\n- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).\n- rtl8187: Fix NULL pointer dereference in priv-\u003econf_mutex (bnc#1012382).\n- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).\n- rtnetlink: validate attributes in do_setlink() (bnc#1012382).\n- s390/alternative: use a copy of the facility bit mask (bnc#1012382).\n- s390/cio: clear timer when terminating driver I/O (bnc#1012382).\n- s390/cio: fix return code after missing interrupt (bnc#1012382).\n- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero ( bnc#1012382 bnc#1094532).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1094532, ).\n- s390/dasd: fix IO error for newly defined devices (bnc#1093144, ).\n- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).\n- s390/ftrace: use expoline for indirect branches (bnc#1012382).\n- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).\n- s390/kernel: use expoline for indirect branches (bnc#1012382).\n- s390/lib: use expoline for indirect branches (bnc#1012382).\n- s390/qdio: do not merge ERROR output buffers (bnc#1012382).\n- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).\n- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).\n- s390/qdio: fix access to uninitialized qdio_q fields ( bnc#1012382 bnc#1094532).\n- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1094532, ).\n- s390/qeth: consolidate errno translation (bnc#1093144, ).\n- s390/qeth: fix MAC address update sequence (bnc#1093144, ).\n- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, ).\n- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).\n- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).\n- s390: add assembler macros for CPU alternatives (bnc#1012382).\n- s390: add automatic detection of the spectre defense (bnc#1012382).\n- s390: add optimized array_index_mask_nospec (bnc#1012382).\n- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).\n- s390: add sysfs attributes for spectre (bnc#1012382).\n- s390: correct module section names for expoline code revert (bnc#1012382).\n- s390: correct nospec auto detection init order (bnc#1012382).\n- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).\n- s390: enable CPU alternatives unconditionally (bnc#1012382).\n- s390: extend expoline to BC instructions (bnc#1012382).\n- s390: introduce execute-trampolines for branches (bnc#1012382).\n- s390: move expoline assembler macros to a header (bnc#1012382).\n- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).\n- s390: move spectre sysfs attribute code (bnc#1012382).\n- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).\n- s390: report spectre mitigation via syslog (bnc#1012382).\n- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).\n- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).\n- s390: use expoline thunks in the BPF JIT (bnc#1012382).\n- sched/rt: Fix rq-\u003eclock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).\n- scsi: aacraid: Correct hba_send to include iu_type (bsc#1022607).\n- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).\n- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).\n- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).\n- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).\n- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).\n- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).\n- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).\n- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).\n- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).\n- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).\n- scsi: mptsas: Disable WRITE SAME (bnc#1012382).\n- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).\n- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).\n- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).\n- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).\n- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).\n- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).\n- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).\n- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).\n- scsi: zfcp: fix infinite iteration on ERP ready list ( bnc#1012382 bnc#1094532).\n- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1094532, ).\n- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).\n- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: fix the issue that the cookie-ack with auth can\u0027t get processed (bnc#1012382).\n- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).\n- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).\n- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).\n- selftests: Print the test we\u0027re running to /dev/kmsg (bnc#1012382).\n- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).\n- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).\n- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).\n- selftests: memfd: add config fragment for fuse (bnc#1012382).\n- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).\n- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: mctrl_gpio: Add missing module license (bnc#1012382).\n- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).\n- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).\n- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).\n- sh: New gcc support (bnc#1012382).\n- sh: fix debug trap failure to process signals before return to user (bnc#1012382).\n- signals: avoid unnecessary taking of sighand-\u003esiglock (-- Scheduler bnc#1012382 bnc#978907 performance signals).\n- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).\n- slip: Check if rstate is initialized before uncompressing (bnc#1012382).\n- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).\n- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).\n- soreuseport: initialise timewait reuseport field (bnc#1012382).\n- sparc64: Fix build warnings with gcc 7 (bnc#1012382).\n- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).\n- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).\n- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).\n- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).\n- staging: rtl8192u: return -ENOMEM on failed allocation of priv-\u003eoldaddr (bnc#1012382).\n- stm class: Use vmalloc for the master map (bnc#1012382).\n- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).\n- sunvnet: does not support GSO for sctp (bnc#1012382).\n- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).\n- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).\n- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).\n- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).\n- tcp: do not read out-of-bounds opsize (bnc#1012382).\n- tcp: fix TCP_REPAIR_QUEUE bound checking (bnc#1012382).\n- tcp: ignore Fast Open on repair mode (bnc#1012382).\n- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).\n- tcp: purge write queue in tcp_connect_init() (bnc#1012382).\n- team: avoid adding twice the same option to the event list (bnc#1012382).\n- team: fix netconsole setup over team (bnc#1012382).\n- team: use netdev_features_t instead of u32 (bnc#1012382).\n- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).\n- test_firmware: fix setting old custom fw path back on exit, second try (bnc#1012382).\n- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).\n- there is probably a place where forcing _IBRS_OFF is missed (or is too late) and therefore ENABLE_IBRS is sometimes called early during boot while it should not. Let\u0027s drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012\n- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).\n- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).\n- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).\n- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).\n- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).\n- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).\n- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).\n- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).\n- tools/thermal: tmon: fix for segfault (bnc#1012382).\n- tpm: do not suspend/resume if power stays on (bnc#1012382).\n- tpm: self test failure should not cause suspend to fail (bnc#1012382).\n- tracepoint: Do not warn on ENOMEM (bnc#1012382).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).\n- tracing/uprobe_event: Fix strncpy corner case (bnc#1012382).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).\n- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).\n- tracing: Fix regex_match_front() to not over compare the test string (bnc#1012382).\n- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).\n- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).\n- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).\n- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bnc#1012382).\n- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).\n- ubi: Fix error for write access (bnc#1012382).\n- ubi: Reject MLC NAND (bnc#1012382).\n- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).\n- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).\n- udf: Provide saner default for invalid uid / gid (bnc#1012382).\n- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).\n- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).\n- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).\n- usb: dwc2: Fix interval type issue (bnc#1012382).\n- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).\n- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).\n- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).\n- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).\n- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).\n- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).\n- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).\n- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).\n- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).\n- usb: musb: fix enumeration after resume (bnc#1012382).\n- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).\n- usb: musb: host: fix potential NULL pointer dereference (bnc#1012382).\n- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).\n- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).\n- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).\n- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).\n- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).\n- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).\n- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).\n- vfio-pci: Virtualize PCIe and AF FLR (bnc#1012382).\n- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).\n- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).\n- vfs: add path_has_submounts() (bsc#1086716).\n- vfs: add path_is_mountpoint() helper (bsc#1086716).\n- vfs: change d_manage() to take a struct path (bsc#1086716).\n- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).\n- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).\n- virtio: add ability to iterate over vqs (bnc#1012382).\n- virtio_console: free buffers after reset (bnc#1012382).\n- vlan: Fix reading memory beyond skb-\u003etail in skb_vlan_tagged_multi (bnc#1012382).\n- vmscan: do not force-scan file lru if its absolute size is small (-- VM bnc#1012382 page performance reclaim).\n- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).\n- vti4: Do not count header length twice on tunnel setup (bnc#1012382).\n- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).\n- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).\n- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).\n- watchdog: hpwdt: Modify to use watchdog core (bsc#1085185).\n- watchdog: hpwdt: Update Module info and copyright (bsc#1085185).\n- watchdog: hpwdt: Update nmi_panic message (bsc#1085185).\n- watchdog: hpwdt: condition early return of NMI handler on iLO5 (bsc#1085185).\n- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).\n- workqueue: use put_device() instead of kfree() (bnc#1012382).\n- writeback: safer lock nesting (bnc#1012382).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if \u0027noapic\u0027 specified (bnc#1012382).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).\n- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: make intel_rds_mask() honor X86_FEATURE_SSBD (bsc#1094019).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).\n- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).\n- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).\n- x86/devicetree: Initialize device tree before using it (bnc#1012382).\n- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).\n- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).\n- x86/fpu: Revert (\u0027x86/fpu: Disable AVX when eagerfpu is off\u0027) (bnc#1012382).\n- x86/hweight: Do not clobber %rdi (bnc#1012382).\n- x86/hweight: Get rid of the special calling convention (bnc#1012382).\n- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).\n- x86/pkeys: Do not special case protection key 0 (1041740).\n- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).\n- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263).\n- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263).\n- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263).\n- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).\n- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263).\n- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263).\n- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263\n- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263).\n- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263).\n- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).\n- x86/topology: Update the \u0027cpu cores\u0027 field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).\n- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).\n- xen-netfront: Fix hang on device removal (bnc#1012382).\n- xen-netfront: Fix race between device setup and open (bnc#1012382).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).\n- xen/acpi: off by one in read_acpi_id() (bnc#1012382).\n- xen/grant-table: Use put_page instead of free_page (bnc#1012382).\n- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).\n- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).\n- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).\n- xfrm_user: fix return value from xfrm_user_rcv_msg (bnc#1012382).\n- xfs: always verify the log tail during recovery (bsc#1036215).\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).\n- xfs: detect and trim torn writes during log recovery (bsc#1036215).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n- xfs: fix endianness error when checking log block crc on big endian platforms (bsc#1094405, bsc#1036215).\n- xfs: fix incorrect log_flushed on fsync (bnc#1012382).\n- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).\n- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).\n- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).\n- xfs: prevent creating negative-sized file via INSERT_RANGE (bnc#1012382).\n- xfs: refactor and open code log record crc check (bsc#1036215).\n- xfs: refactor log record start detection into a new helper (bsc#1036215).\n- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).\n- xfs: return start block of first bad log record during recovery (bsc#1036215).\n- xfs: support a crc verification only log record pass (bsc#1036215).\n- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).\n- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).\n- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).\n- zorro: Set up z-\u003edev.dma_mask for the DMA API (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP3-2018-1224",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1816-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1816-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1816-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004219.html"
},
{
"category": "self",
"summary": "SUSE Bug 1009062",
"url": "https://bugzilla.suse.com/1009062"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1019695",
"url": "https://bugzilla.suse.com/1019695"
},
{
"category": "self",
"summary": "SUSE Bug 1019699",
"url": "https://bugzilla.suse.com/1019699"
},
{
"category": "self",
"summary": "SUSE Bug 1022604",
"url": "https://bugzilla.suse.com/1022604"
},
{
"category": "self",
"summary": "SUSE Bug 1022607",
"url": "https://bugzilla.suse.com/1022607"
},
{
"category": "self",
"summary": "SUSE Bug 1022743",
"url": "https://bugzilla.suse.com/1022743"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1031717",
"url": "https://bugzilla.suse.com/1031717"
},
{
"category": "self",
"summary": "SUSE Bug 1035432",
"url": "https://bugzilla.suse.com/1035432"
},
{
"category": "self",
"summary": "SUSE Bug 1036215",
"url": "https://bugzilla.suse.com/1036215"
},
{
"category": "self",
"summary": "SUSE Bug 1041740",
"url": "https://bugzilla.suse.com/1041740"
},
{
"category": "self",
"summary": "SUSE Bug 1043598",
"url": "https://bugzilla.suse.com/1043598"
},
{
"category": "self",
"summary": "SUSE Bug 1044596",
"url": "https://bugzilla.suse.com/1044596"
},
{
"category": "self",
"summary": "SUSE Bug 1045330",
"url": "https://bugzilla.suse.com/1045330"
},
{
"category": "self",
"summary": "SUSE Bug 1056415",
"url": "https://bugzilla.suse.com/1056415"
},
{
"category": "self",
"summary": "SUSE Bug 1056427",
"url": "https://bugzilla.suse.com/1056427"
},
{
"category": "self",
"summary": "SUSE Bug 1060799",
"url": "https://bugzilla.suse.com/1060799"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1068054",
"url": "https://bugzilla.suse.com/1068054"
},
{
"category": "self",
"summary": "SUSE Bug 1068951",
"url": "https://bugzilla.suse.com/1068951"
},
{
"category": "self",
"summary": "SUSE Bug 1070404",
"url": "https://bugzilla.suse.com/1070404"
},
{
"category": "self",
"summary": "SUSE Bug 1073059",
"url": "https://bugzilla.suse.com/1073059"
},
{
"category": "self",
"summary": "SUSE Bug 1073311",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "self",
"summary": "SUSE Bug 1075087",
"url": "https://bugzilla.suse.com/1075087"
},
{
"category": "self",
"summary": "SUSE Bug 1075428",
"url": "https://bugzilla.suse.com/1075428"
},
{
"category": "self",
"summary": "SUSE Bug 1076049",
"url": "https://bugzilla.suse.com/1076049"
},
{
"category": "self",
"summary": "SUSE Bug 1076263",
"url": "https://bugzilla.suse.com/1076263"
},
{
"category": "self",
"summary": "SUSE Bug 1076805",
"url": "https://bugzilla.suse.com/1076805"
},
{
"category": "self",
"summary": "SUSE Bug 1078583",
"url": "https://bugzilla.suse.com/1078583"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1080157",
"url": "https://bugzilla.suse.com/1080157"
},
{
"category": "self",
"summary": "SUSE Bug 1080542",
"url": "https://bugzilla.suse.com/1080542"
},
{
"category": "self",
"summary": "SUSE Bug 1080656",
"url": "https://bugzilla.suse.com/1080656"
},
{
"category": "self",
"summary": "SUSE Bug 1081500",
"url": "https://bugzilla.suse.com/1081500"
},
{
"category": "self",
"summary": "SUSE Bug 1081514",
"url": "https://bugzilla.suse.com/1081514"
},
{
"category": "self",
"summary": "SUSE Bug 1081599",
"url": "https://bugzilla.suse.com/1081599"
},
{
"category": "self",
"summary": "SUSE Bug 1082153",
"url": "https://bugzilla.suse.com/1082153"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1082485",
"url": "https://bugzilla.suse.com/1082485"
},
{
"category": "self",
"summary": "SUSE Bug 1082504",
"url": "https://bugzilla.suse.com/1082504"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1083635",
"url": "https://bugzilla.suse.com/1083635"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1084721",
"url": "https://bugzilla.suse.com/1084721"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1085308",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1086716",
"url": "https://bugzilla.suse.com/1086716"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1088810",
"url": "https://bugzilla.suse.com/1088810"
},
{
"category": "self",
"summary": "SUSE Bug 1088871",
"url": "https://bugzilla.suse.com/1088871"
},
{
"category": "self",
"summary": "SUSE Bug 1089023",
"url": "https://bugzilla.suse.com/1089023"
},
{
"category": "self",
"summary": "SUSE Bug 1089115",
"url": "https://bugzilla.suse.com/1089115"
},
{
"category": "self",
"summary": "SUSE Bug 1089393",
"url": "https://bugzilla.suse.com/1089393"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090225",
"url": "https://bugzilla.suse.com/1090225"
},
{
"category": "self",
"summary": "SUSE Bug 1090435",
"url": "https://bugzilla.suse.com/1090435"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE Bug 1090658",
"url": "https://bugzilla.suse.com/1090658"
},
{
"category": "self",
"summary": "SUSE Bug 1090663",
"url": "https://bugzilla.suse.com/1090663"
},
{
"category": "self",
"summary": "SUSE Bug 1090708",
"url": "https://bugzilla.suse.com/1090708"
},
{
"category": "self",
"summary": "SUSE Bug 1090718",
"url": "https://bugzilla.suse.com/1090718"
},
{
"category": "self",
"summary": "SUSE Bug 1090734",
"url": "https://bugzilla.suse.com/1090734"
},
{
"category": "self",
"summary": "SUSE Bug 1090953",
"url": "https://bugzilla.suse.com/1090953"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1091325",
"url": "https://bugzilla.suse.com/1091325"
},
{
"category": "self",
"summary": "SUSE Bug 1091594",
"url": "https://bugzilla.suse.com/1091594"
},
{
"category": "self",
"summary": "SUSE Bug 1091728",
"url": "https://bugzilla.suse.com/1091728"
},
{
"category": "self",
"summary": "SUSE Bug 1091960",
"url": "https://bugzilla.suse.com/1091960"
},
{
"category": "self",
"summary": "SUSE Bug 1092289",
"url": "https://bugzilla.suse.com/1092289"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092566",
"url": "https://bugzilla.suse.com/1092566"
},
{
"category": "self",
"summary": "SUSE Bug 1092772",
"url": "https://bugzilla.suse.com/1092772"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092888",
"url": "https://bugzilla.suse.com/1092888"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1092975",
"url": "https://bugzilla.suse.com/1092975"
},
{
"category": "self",
"summary": "SUSE Bug 1093008",
"url": "https://bugzilla.suse.com/1093008"
},
{
"category": "self",
"summary": "SUSE Bug 1093035",
"url": "https://bugzilla.suse.com/1093035"
},
{
"category": "self",
"summary": "SUSE Bug 1093144",
"url": "https://bugzilla.suse.com/1093144"
},
{
"category": "self",
"summary": "SUSE Bug 1093215",
"url": "https://bugzilla.suse.com/1093215"
},
{
"category": "self",
"summary": "SUSE Bug 1093533",
"url": "https://bugzilla.suse.com/1093533"
},
{
"category": "self",
"summary": "SUSE Bug 1093904",
"url": "https://bugzilla.suse.com/1093904"
},
{
"category": "self",
"summary": "SUSE Bug 1093990",
"url": "https://bugzilla.suse.com/1093990"
},
{
"category": "self",
"summary": "SUSE Bug 1094019",
"url": "https://bugzilla.suse.com/1094019"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094059",
"url": "https://bugzilla.suse.com/1094059"
},
{
"category": "self",
"summary": "SUSE Bug 1094177",
"url": "https://bugzilla.suse.com/1094177"
},
{
"category": "self",
"summary": "SUSE Bug 1094268",
"url": "https://bugzilla.suse.com/1094268"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094356",
"url": "https://bugzilla.suse.com/1094356"
},
{
"category": "self",
"summary": "SUSE Bug 1094405",
"url": "https://bugzilla.suse.com/1094405"
},
{
"category": "self",
"summary": "SUSE Bug 1094466",
"url": "https://bugzilla.suse.com/1094466"
},
{
"category": "self",
"summary": "SUSE Bug 1094532",
"url": "https://bugzilla.suse.com/1094532"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1095147",
"url": "https://bugzilla.suse.com/1095147"
},
{
"category": "self",
"summary": "SUSE Bug 1096037",
"url": "https://bugzilla.suse.com/1096037"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096214",
"url": "https://bugzilla.suse.com/1096214"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096751",
"url": "https://bugzilla.suse.com/1096751"
},
{
"category": "self",
"summary": "SUSE Bug 1096982",
"url": "https://bugzilla.suse.com/1096982"
},
{
"category": "self",
"summary": "SUSE Bug 1097234",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 1098009",
"url": "https://bugzilla.suse.com/1098009"
},
{
"category": "self",
"summary": "SUSE Bug 1098012",
"url": "https://bugzilla.suse.com/1098012"
},
{
"category": "self",
"summary": "SUSE Bug 919144",
"url": "https://bugzilla.suse.com/919144"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE Bug 978907",
"url": "https://bugzilla.suse.com/978907"
},
{
"category": "self",
"summary": "SUSE Bug 993388",
"url": "https://bugzilla.suse.com/993388"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17741 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12233 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-06-26T11:39:16Z",
"generator": {
"date": "2018-06-26T11:39:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1816-1",
"initial_release_date": "2018-06-26T11:39:16Z",
"revision_history": [
{
"date": "2018-06-26T11:39:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"product_id": "kernel-devel-rt-4.4.138-3.14.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.138-3.14.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.138-3.14.1.noarch",
"product_id": "kernel-source-rt-4.4.138-3.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "dlm-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-base-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-devel-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"product_id": "kernel-syms-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.138-3.14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.138-3.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-17741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17741"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17741",
"url": "https://www.suse.com/security/cve/CVE-2017-17741"
},
{
"category": "external",
"summary": "SUSE Bug 1073311 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2017-17741"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-12233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12233"
}
],
"notes": [
{
"category": "general",
"text": "In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12233",
"url": "https://www.suse.com/security/cve/CVE-2018-12233"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097234 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-12233"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
}
]
}
suse-su-2018:1855-2
Vulnerability from csaf_suse
Published
2018-10-18 12:47
Modified
2018-10-18 12:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO
ioctl (bsc#1096728).
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353).
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers
(bsc#1087095).
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007).
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012).
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904).
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900).
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962).
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895).
The following non-security bugs were fixed:
- ALSA: timer: Fix pause event notification (bsc#973378).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fix the patch content (bsc#1085185)
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
Patchnames
SUSE-SLE-SERVER-12-SP2-BCL-2018-1251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO\n ioctl (bsc#1096728).\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353).\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers\n (bsc#1087095).\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007).\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012).\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904).\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900).\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962).\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895).\n\nThe following non-security bugs were fixed:\n\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fix the patch content (bsc#1085185)\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-SP2-BCL-2018-1251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1855-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1855-2",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181855-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1855-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004702.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-18T12:47:06Z",
"generator": {
"date": "2018-10-18T12:47:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1855-2",
"initial_release_date": "2018-10-18T12:47:06Z",
"revision_history": [
{
"date": "2018-10-18T12:47:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product_id": "kernel-devel-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product_id": "kernel-macros-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product_id": "kernel-source-4.4.121-92.85.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product_id": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
}
]
}
suse-su-2018:1366-1
Vulnerability from csaf_suse
Published
2018-05-22 11:33
Modified
2018-05-22 11:33
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.131 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature
in modern CPUs were mitigated, aka 'Spectre Variant 4' (bnc#1087082).
A new boot commandline option was introduced,
'spec_store_bypass_disable', which can have following values:
- auto: Kernel detects whether your CPU model contains an implementation
of Speculative Store Bypass and picks the most appropriate mitigation.
- on: disable Speculative Store Bypass
- off: enable Speculative Store Bypass
- prctl: Control Speculative Store Bypass per thread via
prctl. Speculative Store Bypass is enabled for a process by default. The
state of the control is inherited on fork.
- seccomp: Same as 'prctl' above, but all seccomp threads will disable
SSB unless they explicitly opt out.
The default is 'seccomp', meaning programs need explicit opt-in into the mitigation.
Status can be queried via the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file, containing:
- 'Vulnerable'
- 'Mitigation: Speculative Store Bypass disabled'
- 'Mitigation: Speculative Store Bypass disabled via prctl'
- 'Mitigation: Speculative Store Bypass disabled via prctl and seccomp'
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c
had an integer-overflow vulnerability allowing local users with access
to the udldrmfb driver to obtain full read and write permissions on
kernel physical pages, resulting in a code execution in kernel space
(bnc#1090643).
- CVE-2018-10124: The kill_something_info function in kernel/signal.c
might have allowed local users to cause a denial of service via an
INT_MIN argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might
have allowed local users to cause a denial of service by triggering an
attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-1000199: An address corruption flaw was discovered while
modifying a h/w breakpoint via 'modify_user_hw_breakpoint' routine, an
unprivileged user/process could use this flaw to crash the system kernel
resulting in DoS OR to potentially escalate privileges on a the system. (bsc#1089895)
- CVE-2018-1130: The Linux kernel was vulnerable to a null pointer
dereference in dccp_write_xmit() function in net/dccp/output.c in that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bnc#1092904).
- CVE-2018-5803: An error in the _sctp_make_chunk() function when handling
SCTP, packet length could have been exploited by a malicious local user
to cause a kernel crash and a DoS. (bnc#1083900).
- CVE-2018-1065: The netfilter subsystem mishandled the case of
a rule blob that contains a jump but lacks a user-defined chain,
which allowed local users to cause a denial of service (NULL
pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN
capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c,
ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in
net/ipv6/netfilter/ip6_tables.c (bnc#1083650 1091925).
- CVE-2018-7492: A NULL pointer dereference was found in the
net/rds/rdma.c __rds_rdma_map() function allowing local attackers to
cause a system panic and a denial-of-service, related to RDS_GET_MR and
RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- acpica: Disassembler: Abort on an invalid/unknown AML opcode (bnc#1012382).
- acpica: Events: Add runtime stub support for event APIs (bnc#1012382).
- acpi / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).
- acpi, PCI, irq: remove redundant check for null string pointer (bnc#1012382).
- acpi / scan: Send change uevent with offine environmental data (bsc#1082485).
- acpi / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).
- alsa: asihpi: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: control: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).
- alsa: hda: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: hda - New VIA controller suppor no-snoop path (bnc#1012382).
- alsa: hda/realtek - Add some fixes for ALC233 (bnc#1012382).
- alsa: hdspm: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: line6: Use correct endpoint type for midi output (bnc#1012382).
- alsa: opl3: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).
- alsa: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).
- alsa: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).
- alsa: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).
- alsa: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).
- alsa: pcm: potential uninitialized return values (bnc#1012382).
- alsa: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).
- alsa: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bnc#1012382).
- alsa: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).
- alsa: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).
- alsa: rme9652: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).
- alsa: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).
- alsa: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).
- arm64: avoid overflow in VA_START and PAGE_OFFSET (bnc#1012382).
- arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage (bnc#1012382).
- arm: amba: Do not read past the end of sysfs 'driver_override' buffer (bnc#1012382).
- arm: amba: Fix race condition with driver_override (bnc#1012382).
- arm: amba: Make driver_override output consistent with other buses (bnc#1012382).
- arm: davinci: da8xx: Create DSP device only when assigned memory (bnc#1012382).
- arm: dts: am57xx-beagle-x15-common: Add overide powerhold property (bnc#1012382).
- arm: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).
- arm: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).
- arm: dts: dra7: Add power hold and power controller properties to palmas (bnc#1012382).
- arm: dts: imx53-qsrb: Pulldown PMIC IRQ pin (bnc#1012382).
- arm: dts: imx6qdl-wandboard: Fix audio channel swap (bnc#1012382).
- arm: dts: ls1021a: add 'fsl,ls1021a-esdhc' compatible string to esdhc node (bnc#1012382).
- arm: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull (bnc#1012382).
- arp: fix arp_filter on l3slave devices (bnc#1012382).
- arp: honour gratuitous ARP _replies_ (bnc#1012382).
- asoc: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).
- asoc: Intel: cht_bsw_rt5645: Analog Mic support (bnc#1012382).
- asoc: rsnd: SSI PIO adjust to 24bit mode (bnc#1012382).
- asoc: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).
- async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome() (bnc#1012382).
- ata: libahci: properly propagate return value of platform_get_irq() (bnc#1012382).
- ath5k: fix memory leak on buf on failed eeprom read (bnc#1012382).
- ath9k_hw: check if the chip failed to wake up (bnc#1012382).
- audit: add tty field to LOGIN event (bnc#1012382).
- autofs: mount point create should honour passed in mode (bnc#1012382).
- bcache: segregate flash only volume write streams (bnc#1012382).
- bcache: stop writeback thread after detaching (bnc#1012382).
- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)
- blk-mq: fix bad clear of RQF_MQ_INFLIGHT in blk_mq_ct_ctx_init() (bsc#1085058).
- blk-mq: fix kernel oops in blk_mq_tag_idle() (bnc#1012382).
- block: correctly mask out flags in blk_rq_append_bio() (bsc#1085058).
- block/loop: fix deadlock after loop_set_status (bnc#1012382).
- block: sanity check for integrity intervals (bsc#1091728).
- bluetooth: Fix missing encryption refresh on Security Request (bnc#1012382).
- bluetooth: Send HCI Set Event Mask Page 2 command only when needed (bnc#1012382).
- bna: Avoid reading past end of buffer (bnc#1012382).
- bnx2x: Allow vfs to disable txvlan offload (bnc#1012382).
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).
- bonding: Do not update slave->link until ready to commit (bnc#1012382).
- bonding: fix the err path for dev hwaddr sync in bond_enslave (bnc#1012382).
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave (bnc#1012382).
- bonding: process the err returned by dev_set_allmulti properly in bond_enslave (bnc#1012382).
- btrfs: fix incorrect error return ret being passed to mapping_set_error (bnc#1012382).
- btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).
- btrfs: Only check first key for committed tree blocks (bsc#1084721).
- btrfs: Validate child tree block's level and first key (bsc#1084721).
- bus: brcmstb_gisb: correct support for 64-bit address output (bnc#1012382).
- bus: brcmstb_gisb: Use register offsets with writes too (bnc#1012382).
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).
- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).
- ceph: adding protection for showing cap reservation info (bsc#1089115).
- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).
- ceph: check if mds create snaprealm when setting quota (fate#324665 bsc#1089115).
- ceph: do not check quota for snap inode (fate#324665 bsc#1089115).
- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).
- ceph: fix root quota realm check (fate#324665 bsc#1089115).
- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).
- ceph: quota: add counter for snaprealms with quota (fate#324665 bsc#1089115).
- ceph: quota: add initial infrastructure to support cephfs quotas (fate#324665 bsc#1089115).
- ceph: quota: cache inode pointer in ceph_snap_realm (fate#324665 bsc#1089115).
- ceph: quota: do not allow cross-quota renames (fate#324665 bsc#1089115).
- ceph: quota: report root dir quota usage in statfs (fate#324665 bsc#1089115).
- ceph: quota: support for ceph.quota.max_bytes (fate#324665 bsc#1089115).
- ceph: quota: support for ceph.quota.max_files (fate#324665 bsc#1089115).
- ceph: quota: update MDS when max_bytes is approaching (fate#324665 bsc#1089115).
- cfg80211: make RATE_INFO_BW_20 the default (bnc#1012382).
- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).
- cifs: silence lockdep splat in cifs_relock_file() (bnc#1012382).
- cifs: Use file_dentry() (bsc#1093008).
- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).
- clk: Fix __set_clk_rates error print-string (bnc#1012382).
- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).
- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).
- clk: scpi: fix return type of __scpi_dvfs_round_rate (bnc#1012382).
- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).
- cpumask: Add helper cpumask_available() (bnc#1012382).
- crypto: ahash - Fix early termination in hash walk (bnc#1012382).
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one (bnc#1012382).
- cx25840: fix unchecked return values (bnc#1012382).
- cxgb4: fix incorrect cim_la output for T6 (bnc#1012382).
- cxgb4: Fix queue free path of ULD drivers (bsc#1022743 FATE#322540).
- cxgb4: FW upgrade fixes (bnc#1012382).
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages (bnc#1012382).
- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).
- dmaengine: imx-sdma: Handle return value of clk_prepare_enable (bnc#1012382).
- dm ioctl: remove double parentheses (bnc#1012382).
- Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition (bnc#1012382).
- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).
- drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 (FATE#321732).
- drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 (bnc#1024296,FATE#321265).
- drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests (bnc#1012382).
- drm/omap: fix tiled buffer stride calculations (bnc#1012382).
- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).
- drm/virtio: fix vq wait_event condition (bnc#1012382).
- e1000e: fix race condition around skb_tstamp_tx() (bnc#1012382).
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails (bnc#1012382).
- edac, mv64x60: Fix an error handling path (bnc#1012382).
- Enable uinput driver (bsc#1092566).
- esp: Fix memleaks on error paths (git-fixes).
- ext4: add validity checks for bitmap block numbers (bnc#1012382).
- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).
- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).
- ext4: fix bitmap position validation (bnc#1012382).
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).
- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() (bnc#1012382).
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).
- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).
- fanotify: fix logic of events on child (bnc#1012382).
- fix race in drivers/char/random.c:get_reg() (bnc#1012382).
- frv: declare jiffies to be located in the .data section (bnc#1012382).
- fs: compat: Remove warning from COMPATIBLE_IOCTL (bnc#1012382).
- fs/proc: Stop trying to report thread stacks (bnc#1012382).
- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).
- genirq: Use cpumask_available() for check of cpumask variable (bnc#1012382).
- getname_kernel() needs to make sure that ->name != ->iname in long case (bnc#1012382).
- gpio: label descriptors using the device name (bnc#1012382).
- hdlcdrv: Fix divide by zero in hdlcdrv_ioctl (bnc#1012382).
- hid: core: Fix size as type u32 (bnc#1012382).
- hid: Fix hid_report_len usage (bnc#1012382).
- hid: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).
- hid: i2c-hid: fix size check and type usage (bnc#1012382).
- hwmon: (ina2xx) Fix access to uninitialized mutex (git-fixes).
- hwmon: (ina2xx) Make calibration register value fixed (bnc#1012382).
- hypfs_kill_super(): deal with failed allocations (bnc#1012382).
- i40iw: Free IEQ resources (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- ib/core: Fix possible crash to access NULL netdev (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
- ib/core: Generate GID change event regardless of RoCE GID table property (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
- ib/mlx4: Fix corruption of RoCEv2 IPv4 GIDs (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
- ib/mlx4: Include GID type when deleting GIDs from HW table under RoCE (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
- ib/mlx5: Avoid passing an invalid QP type to firmware (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- ib/mlx5: Fix an error code in __mlx5_ib_modify_qp() (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- ib/mlx5: Fix incorrect size of klms in the memory region (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- ib/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- ib/mlx5: revisit -Wmaybe-uninitialized warning (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- ib/mlx5: Set the default active rate and width to QDR and 4X (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).
- ibmvnic: Clear pending interrupt after device reset (bsc#1089644).
- ibmvnic: Define vnic_login_client_data name field as unsized array (bsc#1089198).
- ibmvnic: Do not notify peers on parameter change resets (bsc#1089198).
- ibmvnic: Handle all login error conditions (bsc#1089198).
- ib/srp: Fix completion vector assignment algorithm (bnc#1012382).
- ib/srp: Fix srp_abort() (bnc#1012382).
- ib/srpt: Fix abort handling (bnc#1012382).
- ib/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() (bnc#1024296,FATE#321265).
- iio: hi8435: avoid garbage event at first enable (bnc#1012382).
- iio: hi8435: cleanup reset gpio (bnc#1012382).
- iio: magnetometer: st_magn_spi: fix spi_device_id table (bnc#1012382).
- input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).
- input: ALPS - fix trackstick button handling on V8 devices (git-fixes).
- input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).
- input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).
- input: drv260x - fix initializing overdrive voltage (bnc#1012382).
- input: elan_i2c - check if device is there before really probing (bnc#1012382).
- input: elan_i2c - clear INT before resetting controller (bnc#1012382).
- input: elantech - force relative mode on a certain module (bnc#1012382).
- input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list (bnc#1012382).
- input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad (bnc#1012382).
- input: mousedev - fix implicit conversion warning (bnc#1012382).
- iommu/vt-d: Fix a potential memory leak (bnc#1012382).
- ip6_gre: better validate user provided tunnel names (bnc#1012382).
- ip6_tunnel: better validate user provided tunnel names (bnc#1012382).
- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).
- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799). Refresh patch to mainline version.
- ipsec: check return value of skb_to_sgvec always (bnc#1012382).
- ip_tunnel: better validate user provided tunnel names (bnc#1012382).
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).
- ipv6: avoid dad-failures for addresses with NODAD (bnc#1012382).
- ipv6: sit: better validate user provided tunnel names (bnc#1012382).
- ipv6: the entire IPv6 header chain must fit the first fragment (bnc#1012382).
- iw_cxgb4: print mapped ports correctly (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).
- jbd2: fix use after free in kjournald2() (bnc#1012382).
- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).
- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).
- jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp (bnc#1012382).
- kABI: add tty include to audit.c (kabi).
- kABI: protect hid report functions (kabi).
- kABI: protect jiffies types (kabi).
- kABI: protect skb_to_sgvec* (kabi).
- kABI: protect sound/timer.h include in sound pcm.c (kabi).
- kABI: protect struct cstate (kabi).
- kABI: protect struct _lowcore (kabi).
- kABI: protect tty include in audit.h (kabi).
- kabi/severities: Ignore kgr_shadow_* kABI changes
- kbuild: provide a __UNIQUE_ID for clang (bnc#1012382).
- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).
- keys: DNS: limit the length of option strings (bnc#1012382).
- kGraft: fix small race in reversion code (bsc#1083125).
- kobject: do not use WARN for registration failures (bnc#1012382).
- kvm: Fix nopvspin static branch init usage (bsc#1056427).
- kvm: Introduce nopvspin kernel parameter (bsc#1056427).
- kvm: nVMX: Fix handling of lmsw instruction (bnc#1012382).
- kvm: PPC: Book3S PR: Check copy_to/from_user return values (bnc#1012382).
- kvm: SVM: do not zero out segment attributes if segment is unusable or not present (bnc#1012382).
- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).
- l2tp: fix missing print session offset info (bnc#1012382).
- lan78xx: Correctly indicate invalid OTP (bnc#1012382).
- leds: pca955x: Correct I2C Functionality (bnc#1012382).
- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).
- libceph: fix misjudgement of maximum monitor number (bsc#1089115).
- libceph: reschedule a tick in finish_hunting() (bsc#1089115).
- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).
- libceph: validate con->state at the top of try_write() (bsc#1089115).
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).
- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).
- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).
- llc: hold llc_sap before release_sock() (bnc#1012382).
- llist: clang: introduce member_address_is_nonnull() (bnc#1012382).
- lockd: fix lockd shutdown race (bnc#1012382).
- lockd: lost rollback of set_grace_period() in lockd_down_net() (git-fixes).
- mac80211: bail out from prep_connection() if a reconfig is ongoing (bnc#1012382).
- mceusb: sporadic RX truncation corruption fix (bnc#1012382).
- md: document lifetime of internal rdev pointer (bsc#1056415).
- md: fix two problems with setting the 're-add' device state (bsc#1089023).
- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).
- md raid10: fix NULL deference in handle_write_completed() (git-fixes).
- md/raid10: reset the 'first' at the end of loop (bnc#1012382).
- md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock (bnc#1012382).
- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).
- media: videobuf2-core: do not go out of the buffer range (bnc#1012382).
- mei: remove dev_err message on an unsupported ioctl (bnc#1012382).
- mISDN: Fix a sleep-in-atomic bug (bnc#1012382).
- mlx5: fix bug reading rss_hash_type from CQE (bnc#1012382).
- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).
- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).
- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).
- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).
- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).
- mtd: jedec_probe: Fix crash in jedec_read_mfr() (bnc#1012382).
- neighbour: update neigh timestamps iff update is effective (bnc#1012382).
- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).
- net: cavium: liquidio: fix up 'Avoid dma_unmap_single on uninitialized ndata' (bnc#1012382).
- net: cdc_ncm: Fix TX zero padding (bnc#1012382).
- net: emac: fix reset timeout with AR8035 phy (bnc#1012382).
- net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control (bnc#1012382).
- netfilter: bridge: ebt_among: add more missing match size checks (bnc#1012382).
- netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize (bnc#1012382).
- netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch (bnc#1012382).
- netfilter: nf_nat_h323: fix logical-not-parentheses warning (bnc#1012382).
- netfilter: x_tables: add and use xt_check_proc_name (bnc#1012382).
- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).
- net: fix possible out-of-bound read in skb_network_protocol() (bnc#1012382).
- net: fool proof dev_valid_name() (bnc#1012382).
- net: freescale: fix potential null pointer dereference (bnc#1012382).
- net: hns: Fix ethtool private flags (bnc#1012382 bsc#1085511).
- net: ieee802154: fix net_device reference release too early (bnc#1012382).
- net/ipv6: Fix route leaking between VRFs (bnc#1012382).
- net/ipv6: Increment OUTxxx counters after netfilter hook (bnc#1012382).
- netlink: make sure nladdr has correct size in netlink_connect() (bnc#1012382).
- net: llc: add lock_sock in llc_ui_bind to avoid a race condition (bnc#1012382).
- net/mlx4: Check if Granular QoS per VF has been enabled before updating QP qos_vport (bnc#1012382).
- net/mlx4_core: Fix memory leak while delete slave's resources (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
- net/mlx4_en: Avoid adding steering rules with invalid ring (bnc#1012382).
- net/mlx4_en: Fix mixed PFC and Global pause user control requests (bsc#1015336 FATE#321685 bsc#1015337 FATE#321686 bsc#1015340 FATE#321687).
- net/mlx4: Fix the check in attaching steering rules (bnc#1012382).
- net/mlx5: avoid build warning for uniprocessor (bnc#1012382).
- net/mlx5e: Add error print in ETS init (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Check support before TC swap in ETS init (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: E-Switch, Use the name of static array instead of its address (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5e: Remove unused define MLX5_MPWRQ_STRIDES_PER_PAGE (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Fix error handling in load one (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Fix ingress/egress naming mistake (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Tolerate irq_set_affinity_hint() failures (bnc#1012382).
- net: move somaxconn init from sysctl code (bnc#1012382).
- net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support (bnc#1012382).
- net: qca_spi: Fix alignment issues in rx path (bnc#1012382).
- net sched actions: fix dumping which requires several messages to user space (bnc#1012382).
- net/sched: fix NULL dereference in the error path of tcf_bpf_init() (bnc#1012382).
- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).
- net: x25: fix one potential use-after-free issue (bnc#1012382).
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (bnc#1012382).
- nfsv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION (bnc#1012382).
- nfsv4.1: Work around a Linux server bug.. (bnc#1012382).
- nospec: Kill array_index_nospec_mask_check() (bnc#1012382).
- nospec: Move array_index_nospec() parameter checking into separate macro (bnc#1012382).
- ovl: filter trusted xattr for non-admin (bnc#1012382).
- packet: fix bitfield update race (bnc#1012382).
- parisc: Fix out of array access in match_pci_device() (bnc#1012382).
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card (bnc#1012382).
- partitions/msdos: Unable to mount UFS 44bsd partitions (bnc#1012382).
- pci/cxgb4: Extend T3 PCI quirk to T4+ devices (bsc#981348).
- pci: Make PCI_ROM_ADDRESS_MASK a 32-bit constant (bnc#1012382).
- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1012382).
- perf/core: Fix locking for children siblings group read (git-fixes).
- perf header: Set proper module name when build-id event found (bnc#1012382).
- perf/hwbp: Simplify the perf-hwbp code, fix documentation (bnc#1012382).
- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).
- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).
- perf intel-pt: Fix sync_switch (bnc#1012382).
- perf intel-pt: Fix timestamp following overflow (bnc#1012382).
- perf probe: Add warning message if there is unexpected event name (bnc#1012382).
- perf report: Ensure the perf DSO mapping matches what libdw sees (bnc#1012382).
- perf: Return proper values for user stack errors (bnc#1012382).
- perf tests: Decompress kernel module before objdump (bnc#1012382).
- perf tools: Fix copyfile_offset update of output offset (bnc#1012382).
- perf trace: Add mmap alias for s390 (bnc#1012382).
- pidns: disable pid allocation if pid_ns_prepare_proc() is failed in alloc_pid() (bnc#1012382).
- pNFS/flexfiles: missing error code in ff_layout_alloc_lseg() (bnc#1012382).
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).
- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).
- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).
- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).
- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).
- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).
- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).
- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/[booke|4xx]: Do not clobber TCR[WP] when setting TCR[DIE] (bnc#1012382).
- powerpc/crash: Remove the test for cpu_online in the IPI callback (bsc#1088242).
- powerpc: Do not send system reset request through the oops path (bsc#1088242).
- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).
- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).
- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).
- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).
- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).
- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).
- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).
- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041). Update patches.suse/powerpc-pseries-rfi-flush-Call-setup_rfi_flush-after.patch (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/spufs: Fix coredump of SPU contexts (bnc#1012382).
- powerpc: System reset avoid interleaving oops using die synchronisation (bsc#1088242).
- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).
- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).
- pptp: remove a buggy dst release in pptp_connect() (bnc#1012382).
- qlge: Avoid reading past end of buffer (bnc#1012382).
- r8152: add Linksys USB3GIGV1 id (bnc#1012382).
- r8169: fix setting driver_data after register_netdev (bnc#1012382).
- radeon: hide pointless #warning when compile testing (bnc#1012382).
- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).
- random: use lockless method of accessing and updating f->reg_idx (bnc#1012382).
- ray_cs: Avoid reading past end of buffer (bnc#1012382).
- rdma/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access (FATE#321732).
- rdma/mlx5: Protect from NULL pointer derefence (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- rdma/qedr: fix QP's ack timeout configuration (bsc#1022604 FATE#321747).
- rdma/qedr: Fix QP state initialization race (bsc#1022604 FATE#321747).
- rdma/qedr: Fix rc initialization on CNQ allocation failure (bsc#1022604 FATE#321747).
- rdma/rxe: Fix an out-of-bounds read (FATE#322149).
- rdma/ucma: Check AF family prior resolving address (bnc#1012382).
- rdma/ucma: Check that device exists prior to accessing it (bnc#1012382).
- rdma/ucma: Check that device is connected prior to access it (bnc#1012382).
- rdma/ucma: Do not allow join attempts for unsupported AF family (bnc#1012382).
- rdma/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).
- rdma/ucma: Ensure that CM_ID exists prior to access it (bnc#1012382).
- rdma/ucma: Fix use-after-free access in ucma_close (bnc#1012382).
- rdma/ucma: Introduce safer rdma_addr_size() variants (bnc#1012382).
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path (bnc#1012382).
- regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' (bsc#1091960).
- resource: fix integer overflow at reallocation (bnc#1012382).
- Revert 'alsa: pcm: Fix mutex unbalance in OSS emulation ioctls' (kabi).
- Revert 'alsa: pcm: Return -EBUSY for OSS ioctls changing busy streams' (kabi).
- Revert 'arm: dts: am335x-pepper: Fix the audio CODEC's reset pin' (bnc#1012382).
- Revert 'arm: dts: omap3-n900: Fix the audio CODEC's reset pin' (bnc#1012382).
- Revert 'ath10k: send (re)assoc peer command when NSS changed' (bnc#1012382).
- Revert 'cpufreq: Fix governor module removal race' (bnc#1012382).
- Revert 'ip6_vti: adjust vti mtu according to mtu of lower device' (bnc#1012382).
- Revert 'KVM: Fix stack-out-of-bounds read in write_mmio' (bnc#1083635).
- Revert 'mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.' (kabi).
- Revert 'mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.' (kabi).
- Revert 'mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.' (kabi).
- Revert 'mtip32xx: use runtime tag to initialize command header' (bnc#1012382).
- Revert 'PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()' (bnc#1012382).
- Revert 'perf tests: Decompress kernel module before objdump' (bnc#1012382).
- Revert 'xhci: plat: Register shutdown for xhci_plat' (bnc#1012382).
- rpc_pipefs: fix double-dput() (bnc#1012382).
- rpm/config.sh: build against SP3 in OBS as well.
- rpm/config.sh: ensure sorted patches.
- rtc: interface: Validate alarm-time before handling rollover (bnc#1012382).
- rtc: opal: Handle disabled TPO in opal_get_tpo_time() (bnc#1012382).
- rtc: snvs: fix an incorrect check of return value (bnc#1012382).
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex (bnc#1012382).
- rxrpc: check return value of skb_to_sgvec always (bnc#1012382).
- s390: add automatic detection of the spectre defense (bnc#1012382).
- s390: add optimized array_index_mask_nospec (bnc#1012382).
- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).
- s390: add sysfs attributes for spectre (bnc#1012382).
- s390/alternative: use a copy of the facility bit mask (bnc#1012382).
- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).
- s390: correct module section names for expoline code revert (bnc#1012382).
- s390: correct nospec auto detection init order (bnc#1012382).
- s390/dasd: fix hanging safe offline (bnc#1012382).
- s390/dasd: fix IO error for newly defined devices (bnc#1093144, LTC#167398).
- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).
- s390: enable CPU alternatives unconditionally (bnc#1012382).
- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).
- s390: introduce execute-trampolines for branches (bnc#1012382).
- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).
- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).
- s390: move _text symbol to address higher than zero (bnc#1012382).
- s390/qdio: do not merge ERROR output buffers (bnc#1012382).
- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).
- s390/qeth: consolidate errno translation (bnc#1093144, LTC#167507).
- s390/qeth: fix MAC address update sequence (bnc#1093144, LTC#167609).
- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, LTC#167507).
- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).
- s390: report spectre mitigation via syslog (bnc#1012382).
- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).
- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).
- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).
- sched/numa: Use down_read_trylock() for the mmap_sem (bnc#1012382).
- scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats() (bnc#1012382).
- scsi: libiscsi: Allow sd_shutdown on bad transport (bnc#1012382).
- scsi: libsas: initialize sas_phy status according to response of DISCOVER (bnc#1012382).
- scsi: lpfc: Add per io channel NVME IO statistics (bsc#1088865).
- scsi: lpfc: Correct missing remoteport registration during link bounces (bsc#1088865).
- scsi: lpfc: Correct target queue depth application changes (bsc#1088865).
- scsi: lpfc: Enlarge nvmet asynchronous receive buffer counts (bsc#1088865).
- scsi: lpfc: Fix Abort request WQ selection (bsc#1088865).
- scsi: lpfc: Fix driver not recovering NVME rports during target link faults (bsc#1088865).
- scsi: lpfc: Fix lingering lpfc_wq resource after driver unload (bsc#1088865).
- scsi: lpfc: Fix multiple PRLI completion error path (bsc#1088865).
- scsi: lpfc: Fix NULL pointer access in lpfc_nvme_info_show (bsc#1088865).
- scsi: lpfc: Fix NULL pointer reference when resetting adapter (bsc#1088865).
- scsi: lpfc: Fix nvme remoteport registration race conditions (bsc#1088865).
- scsi: lpfc: Fix WQ/CQ creation for older asic's (bsc#1088865).
- scsi: lpfc: update driver version to 11.4.0.7-2 (bsc#1088865).
- scsi: mpt3sas: Proper handling of set/clear of 'ATA command pending' flag (bnc#1012382).
- scsi: mptsas: Disable WRITE SAME (bnc#1012382).
- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).
- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: do not leak kernel memory to user space (bnc#1012382).
- sctp: fix recursive locking warning in sctp_do_peeloff (bnc#1012382).
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 (bnc#1012382).
- selftests/powerpc: Fix TM resched DSCR test with some compilers (bnc#1012382).
- selinux: do not check open permission on sockets (bnc#1012382).
- selinux: Remove redundant check for unknown labeling behavior (bnc#1012382).
- selinux: Remove unnecessary check of array base in selinux_set_mapping() (bnc#1012382).
- serial: 8250: omap: Disable DMA for console UART (bnc#1012382).
- serial: mctrl_gpio: Add missing module license (bnc#1012382).
- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).
- serial: sh-sci: Fix race condition causing garbage during shutdown (bnc#1012382).
- sh_eth: Use platform device for printing before register_netdev() (bnc#1012382).
- sit: reload iphdr in ipip6_rcv (bnc#1012382).
- skbuff: only inherit relevant tx_flags (bnc#1012382).
- skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow (bnc#1012382).
- sky2: Increase D3 delay to sky2 stops working after suspend (bnc#1012382).
- slip: Check if rstate is initialized before uncompressing (bnc#1012382).
- sparc64: ldc abort during vds iso boot (bnc#1012382).
- spi: davinci: fix up dma_mapping_error() incorrect patch (bnc#1012382).
- staging: comedi: ni_mio_common: ack ai fifo error interrupts (bnc#1012382).
- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).
- staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before calling hfa384x_drvr_setconfig16, also fixes relative sparse warning (bnc#1012382).
- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).
- tags: honor COMPILED_SOURCE with apart output directory (bnc#1012382).
- tcp: better validation of received ack sequences (bnc#1012382).
- tcp: do not read out-of-bounds opsize (bnc#1012382).
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).
- team: avoid adding twice the same option to the event list (bnc#1012382).
- team: fix netconsole setup over team (bnc#1012382).
- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).
- thermal: power_allocator: fix one race condition issue for thermal_instances list (bnc#1012382).
- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).
- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).
- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).
- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).
- tty: n_gsm: Allow ADM response in addition to UA for control dlci (bnc#1012382).
- tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set (bnc#1012382).
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).
- tty: provide tty_name() even without CONFIG_TTY (bnc#1012382).
- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).
- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).
- ubi: Fix error for write access (bnc#1012382).
- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).
- ubi: Reject MLC NAND (bnc#1012382).
- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).
- Update config files, add expoline for s390x (bsc#1089393).
- Update patches.suse/x86-nospectre_v2-means-nospec-too.patch (bsc#1075994 bsc#1075091 bnc#1085958).
- usb: chipidea: properly handle host or gadget initialization failure (bnc#1012382).
- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).
- usb: dwc2: Improve gadget state disconnection handling (bnc#1012382).
- usb: dwc3: keystone: check return value (bnc#1012382).
- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).
- usb: ene_usb6250: fix first command execution (bnc#1012382).
- usb: ene_usb6250: fix SCSI residue overwriting (bnc#1012382).
- usb:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).
- usb: gadget: align buffer size when allocating for OUT endpoint (bnc#1012382).
- usb: gadget: change len to size_t on alloc_ep_req() (bnc#1012382).
- usb: gadget: define free_ep_req as universal function (bnc#1012382).
- usb: gadget: f_hid: fix: Prevent accessing released memory (bnc#1012382).
- usb: gadget: fix request length error for isoc transfer (git-fixes).
- usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align (bnc#1012382).
- usb: Increment wakeup count on remote wakeup (bnc#1012382).
- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).
- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).
- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).
- usb: serial: cp210x: add ELDAT Easywave RX09 id (bnc#1012382).
- usb: serial: cp210x: add ID for NI USB serial console (bnc#1012382).
- usb: serial: ftdi_sio: add RT Systems VX-8 cable (bnc#1012382).
- usb: serial: ftdi_sio: add support for Harman FirmwareHubEmulator (bnc#1012382).
- usb: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).
- usb: serial: simple: add libtransistor console (bnc#1012382).
- vfb: fix video mode and line_length being set when loaded (bnc#1012382).
- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).
- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).
- vfio-pci: Virtualize PCIe & AF FLR (bnc#1012382).
- vhost: correctly remove wait queue during poll failure (bnc#1012382).
- virtio: add ability to iterate over vqs (bnc#1012382).
- virtio_console: free buffers after reset (bnc#1012382).
- virtio_net: check return value of skb_to_sgvec always (bnc#1012382).
- virtio_net: check return value of skb_to_sgvec in one more location (bnc#1012382).
- vlan: also check phy_driver ts_info for vlan's real device (bnc#1012382).
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi (bnc#1012382).
- vmxnet3: ensure that adapter is in proper state during force_close (bnc#1012382).
- vrf: Fix use after free and double free in vrf_finish_output (bnc#1012382).
- vt: change SGR 21 to follow the standards (bnc#1012382).
- vti6: better validate user provided tunnel names (bnc#1012382).
- vxlan: dont migrate permanent fdb entries during learn (bnc#1012382).
- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).
- watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).
- wl1251: check return from call to wl1251_acx_arp_ip_filter (bnc#1012382).
- writeback: fix the wrong congested state variable definition (bnc#1012382).
- writeback: safer lock nesting (bnc#1012382).
- x86/asm: Do not use RBP as a temporary register in csum_partial_copy_generic() (bnc#1012382).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).
- x86/hweight: Do not clobber %rdi (bnc#1012382).
- x86/hweight: Get rid of the special calling convention (bnc#1012382).
- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).
- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263 #fate#322814).
- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263 #fate#322814).
- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263
- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263 #fate#322814).
- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263 #fate#322814).
- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).
- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263 #fate#322814).
- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263 #fate#322814).
- x86/platform/uv: Skip UV runtime services mapping in the efi_runtime_disabled case (bsc#1089925).
- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263 #fate#322814).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).
- x86/tsc: Provide 'tsc=unstable' boot parameter (bnc#1012382).
- xen: avoid type warning in xchg_xen_ulong (bnc#1012382).
- xen-netfront: Fix hang on device removal (bnc#1012382).
- xfrm: fix state migration copy replay sequence numbers (bnc#1012382).
- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems (bnc#1012382).
- xfrm_user: uncoditionally validate esn replay attribute struct (bnc#1012382).
- xfs: always verify the log tail during recovery (bsc#1036215).
- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).
- xfs: detect and trim torn writes during log recovery (bsc#1036215).
- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).
- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).
- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).
- xfs: refactor and open code log record crc check (bsc#1036215).
- xfs: refactor log record start detection into a new helper (bsc#1036215).
- xfs: return start block of first bad log record during recovery (bsc#1036215).
- xfs: support a crc verification only log record pass (bsc#1036215).
Patchnames
SUSE-SLE-DESKTOP-12-SP3-2018-955,SUSE-SLE-HA-12-SP3-2018-955,SUSE-SLE-Live-Patching-12-SP3-2018-955,SUSE-SLE-SDK-12-SP3-2018-955,SUSE-SLE-SERVER-12-SP3-2018-955,SUSE-SLE-WE-12-SP3-2018-955
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.131 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-3639: Information leaks using \u0027Memory Disambiguation\u0027 feature\n in modern CPUs were mitigated, aka \u0027Spectre Variant 4\u0027 (bnc#1087082).\n\n A new boot commandline option was introduced,\n \u0027spec_store_bypass_disable\u0027, which can have following values:\n\n - auto: Kernel detects whether your CPU model contains an implementation\n of Speculative Store Bypass and picks the most appropriate mitigation.\n - on: disable Speculative Store Bypass\n - off: enable Speculative Store Bypass\n - prctl: Control Speculative Store Bypass per thread via\n prctl. Speculative Store Bypass is enabled for a process by default. The\n state of the control is inherited on fork.\n - seccomp: Same as \u0027prctl\u0027 above, but all seccomp threads will disable\n SSB unless they explicitly opt out.\n\n The default is \u0027seccomp\u0027, meaning programs need explicit opt-in into the mitigation.\n\n Status can be queried via the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file, containing:\n\n - \u0027Vulnerable\u0027\n - \u0027Mitigation: Speculative Store Bypass disabled\u0027\n - \u0027Mitigation: Speculative Store Bypass disabled via prctl\u0027\n - \u0027Mitigation: Speculative Store Bypass disabled via prctl and seccomp\u0027\n\n\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c\n had an integer-overflow vulnerability allowing local users with access\n to the udldrmfb driver to obtain full read and write permissions on\n kernel physical pages, resulting in a code execution in kernel space\n (bnc#1090643).\n- CVE-2018-10124: The kill_something_info function in kernel/signal.c\n might have allowed local users to cause a denial of service via an\n INT_MIN argument (bnc#1089752).\n- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might\n have allowed local users to cause a denial of service by triggering an\n attempted use of the -INT_MIN value (bnc#1089608).\n- CVE-2018-1000199: An address corruption flaw was discovered while\n modifying a h/w breakpoint via \u0027modify_user_hw_breakpoint\u0027 routine, an\n unprivileged user/process could use this flaw to crash the system kernel\n resulting in DoS OR to potentially escalate privileges on a the system. (bsc#1089895)\n- CVE-2018-1130: The Linux kernel was vulnerable to a null pointer\n dereference in dccp_write_xmit() function in net/dccp/output.c in that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bnc#1092904).\n- CVE-2018-5803: An error in the _sctp_make_chunk() function when handling\n SCTP, packet length could have been exploited by a malicious local user\n to cause a kernel crash and a DoS. (bnc#1083900).\n- CVE-2018-1065: The netfilter subsystem mishandled the case of\n a rule blob that contains a jump but lacks a user-defined chain,\n which allowed local users to cause a denial of service (NULL\n pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN\n capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c,\n ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in\n net/ipv6/netfilter/ip6_tables.c (bnc#1083650 1091925).\n- CVE-2018-7492: A NULL pointer dereference was found in the\n net/rds/rdma.c __rds_rdma_map() function allowing local attackers to\n cause a system panic and a denial-of-service, related to RDS_GET_MR and\n RDS_GET_MR_FOR_DEST (bnc#1082962).\n\nThe following non-security bugs were fixed:\n\n- acpica: Disassembler: Abort on an invalid/unknown AML opcode (bnc#1012382).\n- acpica: Events: Add runtime stub support for event APIs (bnc#1012382).\n- acpi / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).\n- acpi, PCI, irq: remove redundant check for null string pointer (bnc#1012382).\n- acpi / scan: Send change uevent with offine environmental data (bsc#1082485).\n- acpi / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).\n- alsa: asihpi: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: control: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).\n- alsa: hda: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: hda - New VIA controller suppor no-snoop path (bnc#1012382).\n- alsa: hda/realtek - Add some fixes for ALC233 (bnc#1012382).\n- alsa: hdspm: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: line6: Use correct endpoint type for midi output (bnc#1012382).\n- alsa: opl3: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).\n- alsa: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).\n- alsa: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).\n- alsa: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).\n- alsa: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).\n- alsa: pcm: potential uninitialized return values (bnc#1012382).\n- alsa: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).\n- alsa: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bnc#1012382).\n- alsa: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).\n- alsa: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).\n- alsa: rme9652: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).\n- alsa: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).\n- alsa: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).\n- arm64: avoid overflow in VA_START and PAGE_OFFSET (bnc#1012382).\n- arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage (bnc#1012382).\n- arm: amba: Do not read past the end of sysfs \u0027driver_override\u0027 buffer (bnc#1012382).\n- arm: amba: Fix race condition with driver_override (bnc#1012382).\n- arm: amba: Make driver_override output consistent with other buses (bnc#1012382).\n- arm: davinci: da8xx: Create DSP device only when assigned memory (bnc#1012382).\n- arm: dts: am57xx-beagle-x15-common: Add overide powerhold property (bnc#1012382).\n- arm: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).\n- arm: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).\n- arm: dts: dra7: Add power hold and power controller properties to palmas (bnc#1012382).\n- arm: dts: imx53-qsrb: Pulldown PMIC IRQ pin (bnc#1012382).\n- arm: dts: imx6qdl-wandboard: Fix audio channel swap (bnc#1012382).\n- arm: dts: ls1021a: add \u0027fsl,ls1021a-esdhc\u0027 compatible string to esdhc node (bnc#1012382).\n- arm: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull (bnc#1012382).\n- arp: fix arp_filter on l3slave devices (bnc#1012382).\n- arp: honour gratuitous ARP _replies_ (bnc#1012382).\n- asoc: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).\n- asoc: Intel: cht_bsw_rt5645: Analog Mic support (bnc#1012382).\n- asoc: rsnd: SSI PIO adjust to 24bit mode (bnc#1012382).\n- asoc: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).\n- async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome() (bnc#1012382).\n- ata: libahci: properly propagate return value of platform_get_irq() (bnc#1012382).\n- ath5k: fix memory leak on buf on failed eeprom read (bnc#1012382).\n- ath9k_hw: check if the chip failed to wake up (bnc#1012382).\n- audit: add tty field to LOGIN event (bnc#1012382).\n- autofs: mount point create should honour passed in mode (bnc#1012382).\n- bcache: segregate flash only volume write streams (bnc#1012382).\n- bcache: stop writeback thread after detaching (bnc#1012382).\n- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)\n- blk-mq: fix bad clear of RQF_MQ_INFLIGHT in blk_mq_ct_ctx_init() (bsc#1085058).\n- blk-mq: fix kernel oops in blk_mq_tag_idle() (bnc#1012382).\n- block: correctly mask out flags in blk_rq_append_bio() (bsc#1085058).\n- block/loop: fix deadlock after loop_set_status (bnc#1012382).\n- block: sanity check for integrity intervals (bsc#1091728).\n- bluetooth: Fix missing encryption refresh on Security Request (bnc#1012382).\n- bluetooth: Send HCI Set Event Mask Page 2 command only when needed (bnc#1012382).\n- bna: Avoid reading past end of buffer (bnc#1012382).\n- bnx2x: Allow vfs to disable txvlan offload (bnc#1012382).\n- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).\n- bonding: Do not update slave-\u003elink until ready to commit (bnc#1012382).\n- bonding: fix the err path for dev hwaddr sync in bond_enslave (bnc#1012382).\n- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave (bnc#1012382).\n- bonding: process the err returned by dev_set_allmulti properly in bond_enslave (bnc#1012382).\n- btrfs: fix incorrect error return ret being passed to mapping_set_error (bnc#1012382).\n- btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).\n- btrfs: Only check first key for committed tree blocks (bsc#1084721).\n- btrfs: Validate child tree block\u0027s level and first key (bsc#1084721).\n- bus: brcmstb_gisb: correct support for 64-bit address output (bnc#1012382).\n- bus: brcmstb_gisb: Use register offsets with writes too (bnc#1012382).\n- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).\n- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).\n- ceph: adding protection for showing cap reservation info (bsc#1089115).\n- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).\n- ceph: check if mds create snaprealm when setting quota (fate#324665 bsc#1089115).\n- ceph: do not check quota for snap inode (fate#324665 bsc#1089115).\n- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).\n- ceph: fix root quota realm check (fate#324665 bsc#1089115).\n- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).\n- ceph: quota: add counter for snaprealms with quota (fate#324665 bsc#1089115).\n- ceph: quota: add initial infrastructure to support cephfs quotas (fate#324665 bsc#1089115).\n- ceph: quota: cache inode pointer in ceph_snap_realm (fate#324665 bsc#1089115).\n- ceph: quota: do not allow cross-quota renames (fate#324665 bsc#1089115).\n- ceph: quota: report root dir quota usage in statfs (fate#324665 bsc#1089115).\n- ceph: quota: support for ceph.quota.max_bytes (fate#324665 bsc#1089115).\n- ceph: quota: support for ceph.quota.max_files (fate#324665 bsc#1089115).\n- ceph: quota: update MDS when max_bytes is approaching (fate#324665 bsc#1089115).\n- cfg80211: make RATE_INFO_BW_20 the default (bnc#1012382).\n- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).\n- cifs: silence lockdep splat in cifs_relock_file() (bnc#1012382).\n- cifs: Use file_dentry() (bsc#1093008).\n- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).\n- clk: Fix __set_clk_rates error print-string (bnc#1012382).\n- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).\n- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).\n- clk: scpi: fix return type of __scpi_dvfs_round_rate (bnc#1012382).\n- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).\n- cpumask: Add helper cpumask_available() (bnc#1012382).\n- crypto: ahash - Fix early termination in hash walk (bnc#1012382).\n- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one (bnc#1012382).\n- cx25840: fix unchecked return values (bnc#1012382).\n- cxgb4: fix incorrect cim_la output for T6 (bnc#1012382).\n- cxgb4: Fix queue free path of ULD drivers (bsc#1022743 FATE#322540).\n- cxgb4: FW upgrade fixes (bnc#1012382).\n- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages (bnc#1012382).\n- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).\n- dmaengine: imx-sdma: Handle return value of clk_prepare_enable (bnc#1012382).\n- dm ioctl: remove double parentheses (bnc#1012382).\n- Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition (bnc#1012382).\n- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).\n- drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 (FATE#321732).\n- drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 (bnc#1024296,FATE#321265).\n- drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests (bnc#1012382).\n- drm/omap: fix tiled buffer stride calculations (bnc#1012382).\n- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).\n- drm/virtio: fix vq wait_event condition (bnc#1012382).\n- e1000e: fix race condition around skb_tstamp_tx() (bnc#1012382).\n- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails (bnc#1012382).\n- edac, mv64x60: Fix an error handling path (bnc#1012382).\n- Enable uinput driver (bsc#1092566).\n- esp: Fix memleaks on error paths (git-fixes).\n- ext4: add validity checks for bitmap block numbers (bnc#1012382).\n- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).\n- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).\n- ext4: fix bitmap position validation (bnc#1012382).\n- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).\n- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).\n- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() (bnc#1012382).\n- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).\n- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).\n- fanotify: fix logic of events on child (bnc#1012382).\n- fix race in drivers/char/random.c:get_reg() (bnc#1012382).\n- frv: declare jiffies to be located in the .data section (bnc#1012382).\n- fs: compat: Remove warning from COMPATIBLE_IOCTL (bnc#1012382).\n- fs/proc: Stop trying to report thread stacks (bnc#1012382).\n- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).\n- genirq: Use cpumask_available() for check of cpumask variable (bnc#1012382).\n- getname_kernel() needs to make sure that -\u003ename != -\u003einame in long case (bnc#1012382).\n- gpio: label descriptors using the device name (bnc#1012382).\n- hdlcdrv: Fix divide by zero in hdlcdrv_ioctl (bnc#1012382).\n- hid: core: Fix size as type u32 (bnc#1012382).\n- hid: Fix hid_report_len usage (bnc#1012382).\n- hid: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).\n- hid: i2c-hid: fix size check and type usage (bnc#1012382).\n- hwmon: (ina2xx) Fix access to uninitialized mutex (git-fixes).\n- hwmon: (ina2xx) Make calibration register value fixed (bnc#1012382).\n- hypfs_kill_super(): deal with failed allocations (bnc#1012382).\n- i40iw: Free IEQ resources (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- ib/core: Fix possible crash to access NULL netdev (bsc#966191 FATE#320230 bsc#966186 FATE#320228).\n- ib/core: Generate GID change event regardless of RoCE GID table property (bsc#966191 FATE#320230 bsc#966186 FATE#320228).\n- ib/mlx4: Fix corruption of RoCEv2 IPv4 GIDs (bsc#966191 FATE#320230 bsc#966186 FATE#320228).\n- ib/mlx4: Include GID type when deleting GIDs from HW table under RoCE (bsc#966191 FATE#320230 bsc#966186 FATE#320228).\n- ib/mlx5: Avoid passing an invalid QP type to firmware (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ib/mlx5: Fix an error code in __mlx5_ib_modify_qp() (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- ib/mlx5: Fix incorrect size of klms in the memory region (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- ib/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- ib/mlx5: revisit -Wmaybe-uninitialized warning (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ib/mlx5: Set the default active rate and width to QDR and 4X (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).\n- ibmvnic: Clear pending interrupt after device reset (bsc#1089644).\n- ibmvnic: Define vnic_login_client_data name field as unsized array (bsc#1089198).\n- ibmvnic: Do not notify peers on parameter change resets (bsc#1089198).\n- ibmvnic: Handle all login error conditions (bsc#1089198).\n- ib/srp: Fix completion vector assignment algorithm (bnc#1012382).\n- ib/srp: Fix srp_abort() (bnc#1012382).\n- ib/srpt: Fix abort handling (bnc#1012382).\n- ib/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() (bnc#1024296,FATE#321265).\n- iio: hi8435: avoid garbage event at first enable (bnc#1012382).\n- iio: hi8435: cleanup reset gpio (bnc#1012382).\n- iio: magnetometer: st_magn_spi: fix spi_device_id table (bnc#1012382).\n- input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).\n- input: ALPS - fix trackstick button handling on V8 devices (git-fixes).\n- input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).\n- input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).\n- input: drv260x - fix initializing overdrive voltage (bnc#1012382).\n- input: elan_i2c - check if device is there before really probing (bnc#1012382).\n- input: elan_i2c - clear INT before resetting controller (bnc#1012382).\n- input: elantech - force relative mode on a certain module (bnc#1012382).\n- input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list (bnc#1012382).\n- input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad (bnc#1012382).\n- input: mousedev - fix implicit conversion warning (bnc#1012382).\n- iommu/vt-d: Fix a potential memory leak (bnc#1012382).\n- ip6_gre: better validate user provided tunnel names (bnc#1012382).\n- ip6_tunnel: better validate user provided tunnel names (bnc#1012382).\n- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).\n- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799). Refresh patch to mainline version.\n- ipsec: check return value of skb_to_sgvec always (bnc#1012382).\n- ip_tunnel: better validate user provided tunnel names (bnc#1012382).\n- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).\n- ipv6: avoid dad-failures for addresses with NODAD (bnc#1012382).\n- ipv6: sit: better validate user provided tunnel names (bnc#1012382).\n- ipv6: the entire IPv6 header chain must fit the first fragment (bnc#1012382).\n- iw_cxgb4: print mapped ports correctly (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n- jbd2: fix use after free in kjournald2() (bnc#1012382).\n- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).\n- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).\n- jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp (bnc#1012382).\n- kABI: add tty include to audit.c (kabi).\n- kABI: protect hid report functions (kabi).\n- kABI: protect jiffies types (kabi).\n- kABI: protect skb_to_sgvec* (kabi).\n- kABI: protect sound/timer.h include in sound pcm.c (kabi).\n- kABI: protect struct cstate (kabi).\n- kABI: protect struct _lowcore (kabi).\n- kABI: protect tty include in audit.h (kabi).\n- kabi/severities: Ignore kgr_shadow_* kABI changes\n- kbuild: provide a __UNIQUE_ID for clang (bnc#1012382).\n- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).\n- keys: DNS: limit the length of option strings (bnc#1012382).\n- kGraft: fix small race in reversion code (bsc#1083125).\n- kobject: do not use WARN for registration failures (bnc#1012382).\n- kvm: Fix nopvspin static branch init usage (bsc#1056427).\n- kvm: Introduce nopvspin kernel parameter (bsc#1056427).\n- kvm: nVMX: Fix handling of lmsw instruction (bnc#1012382).\n- kvm: PPC: Book3S PR: Check copy_to/from_user return values (bnc#1012382).\n- kvm: SVM: do not zero out segment attributes if segment is unusable or not present (bnc#1012382).\n- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).\n- l2tp: fix missing print session offset info (bnc#1012382).\n- lan78xx: Correctly indicate invalid OTP (bnc#1012382).\n- leds: pca955x: Correct I2C Functionality (bnc#1012382).\n- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).\n- libceph: fix misjudgement of maximum monitor number (bsc#1089115).\n- libceph: reschedule a tick in finish_hunting() (bsc#1089115).\n- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).\n- libceph: validate con-\u003estate at the top of try_write() (bsc#1089115).\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).\n- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).\n- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).\n- llc: hold llc_sap before release_sock() (bnc#1012382).\n- llist: clang: introduce member_address_is_nonnull() (bnc#1012382).\n- lockd: fix lockd shutdown race (bnc#1012382).\n- lockd: lost rollback of set_grace_period() in lockd_down_net() (git-fixes).\n- mac80211: bail out from prep_connection() if a reconfig is ongoing (bnc#1012382).\n- mceusb: sporadic RX truncation corruption fix (bnc#1012382).\n- md: document lifetime of internal rdev pointer (bsc#1056415).\n- md: fix two problems with setting the \u0027re-add\u0027 device state (bsc#1089023).\n- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).\n- md raid10: fix NULL deference in handle_write_completed() (git-fixes).\n- md/raid10: reset the \u0027first\u0027 at the end of loop (bnc#1012382).\n- md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock (bnc#1012382).\n- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).\n- media: videobuf2-core: do not go out of the buffer range (bnc#1012382).\n- mei: remove dev_err message on an unsupported ioctl (bnc#1012382).\n- mISDN: Fix a sleep-in-atomic bug (bnc#1012382).\n- mlx5: fix bug reading rss_hash_type from CQE (bnc#1012382).\n- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).\n- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).\n- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).\n- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).\n- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).\n- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).\n- mtd: jedec_probe: Fix crash in jedec_read_mfr() (bnc#1012382).\n- neighbour: update neigh timestamps iff update is effective (bnc#1012382).\n- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).\n- net: cavium: liquidio: fix up \u0027Avoid dma_unmap_single on uninitialized ndata\u0027 (bnc#1012382).\n- net: cdc_ncm: Fix TX zero padding (bnc#1012382).\n- net: emac: fix reset timeout with AR8035 phy (bnc#1012382).\n- net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control (bnc#1012382).\n- netfilter: bridge: ebt_among: add more missing match size checks (bnc#1012382).\n- netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize (bnc#1012382).\n- netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch (bnc#1012382).\n- netfilter: nf_nat_h323: fix logical-not-parentheses warning (bnc#1012382).\n- netfilter: x_tables: add and use xt_check_proc_name (bnc#1012382).\n- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).\n- net: fix possible out-of-bound read in skb_network_protocol() (bnc#1012382).\n- net: fool proof dev_valid_name() (bnc#1012382).\n- net: freescale: fix potential null pointer dereference (bnc#1012382).\n- net: hns: Fix ethtool private flags (bnc#1012382 bsc#1085511).\n- net: ieee802154: fix net_device reference release too early (bnc#1012382).\n- net/ipv6: Fix route leaking between VRFs (bnc#1012382).\n- net/ipv6: Increment OUTxxx counters after netfilter hook (bnc#1012382).\n- netlink: make sure nladdr has correct size in netlink_connect() (bnc#1012382).\n- net: llc: add lock_sock in llc_ui_bind to avoid a race condition (bnc#1012382).\n- net/mlx4: Check if Granular QoS per VF has been enabled before updating QP qos_vport (bnc#1012382).\n- net/mlx4_core: Fix memory leak while delete slave\u0027s resources (bsc#966191 FATE#320230 bsc#966186 FATE#320228).\n- net/mlx4_en: Avoid adding steering rules with invalid ring (bnc#1012382).\n- net/mlx4_en: Fix mixed PFC and Global pause user control requests (bsc#1015336 FATE#321685 bsc#1015337 FATE#321686 bsc#1015340 FATE#321687).\n- net/mlx4: Fix the check in attaching steering rules (bnc#1012382).\n- net/mlx5: avoid build warning for uniprocessor (bnc#1012382).\n- net/mlx5e: Add error print in ETS init (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Check support before TC swap in ETS init (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: E-Switch, Use the name of static array instead of its address (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5e: Remove unused define MLX5_MPWRQ_STRIDES_PER_PAGE (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Fix error handling in load one (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Fix ingress/egress naming mistake (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Tolerate irq_set_affinity_hint() failures (bnc#1012382).\n- net: move somaxconn init from sysctl code (bnc#1012382).\n- net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support (bnc#1012382).\n- net: qca_spi: Fix alignment issues in rx path (bnc#1012382).\n- net sched actions: fix dumping which requires several messages to user space (bnc#1012382).\n- net/sched: fix NULL dereference in the error path of tcf_bpf_init() (bnc#1012382).\n- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).\n- net: x25: fix one potential use-after-free issue (bnc#1012382).\n- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (bnc#1012382).\n- nfsv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION (bnc#1012382).\n- nfsv4.1: Work around a Linux server bug.. (bnc#1012382).\n- nospec: Kill array_index_nospec_mask_check() (bnc#1012382).\n- nospec: Move array_index_nospec() parameter checking into separate macro (bnc#1012382).\n- ovl: filter trusted xattr for non-admin (bnc#1012382).\n- packet: fix bitfield update race (bnc#1012382).\n- parisc: Fix out of array access in match_pci_device() (bnc#1012382).\n- parport_pc: Add support for WCH CH382L PCI-E single parallel port card (bnc#1012382).\n- partitions/msdos: Unable to mount UFS 44bsd partitions (bnc#1012382).\n- pci/cxgb4: Extend T3 PCI quirk to T4+ devices (bsc#981348).\n- pci: Make PCI_ROM_ADDRESS_MASK a 32-bit constant (bnc#1012382).\n- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1012382).\n- perf/core: Fix locking for children siblings group read (git-fixes).\n- perf header: Set proper module name when build-id event found (bnc#1012382).\n- perf/hwbp: Simplify the perf-hwbp code, fix documentation (bnc#1012382).\n- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).\n- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).\n- perf intel-pt: Fix sync_switch (bnc#1012382).\n- perf intel-pt: Fix timestamp following overflow (bnc#1012382).\n- perf probe: Add warning message if there is unexpected event name (bnc#1012382).\n- perf report: Ensure the perf DSO mapping matches what libdw sees (bnc#1012382).\n- perf: Return proper values for user stack errors (bnc#1012382).\n- perf tests: Decompress kernel module before objdump (bnc#1012382).\n- perf tools: Fix copyfile_offset update of output offset (bnc#1012382).\n- perf trace: Add mmap alias for s390 (bnc#1012382).\n- pidns: disable pid allocation if pid_ns_prepare_proc() is failed in alloc_pid() (bnc#1012382).\n- pNFS/flexfiles: missing error code in ff_layout_alloc_lseg() (bnc#1012382).\n- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).\n- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).\n- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).\n- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).\n- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).\n- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).\n- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).\n- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/[booke|4xx]: Do not clobber TCR[WP] when setting TCR[DIE] (bnc#1012382).\n- powerpc/crash: Remove the test for cpu_online in the IPI callback (bsc#1088242).\n- powerpc: Do not send system reset request through the oops path (bsc#1088242).\n- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).\n- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).\n- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).\n- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).\n- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).\n- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).\n- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).\n- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041). Update patches.suse/powerpc-pseries-rfi-flush-Call-setup_rfi_flush-after.patch (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/spufs: Fix coredump of SPU contexts (bnc#1012382).\n- powerpc: System reset avoid interleaving oops using die synchronisation (bsc#1088242).\n- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).\n- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).\n- pptp: remove a buggy dst release in pptp_connect() (bnc#1012382).\n- qlge: Avoid reading past end of buffer (bnc#1012382).\n- r8152: add Linksys USB3GIGV1 id (bnc#1012382).\n- r8169: fix setting driver_data after register_netdev (bnc#1012382).\n- radeon: hide pointless #warning when compile testing (bnc#1012382).\n- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).\n- random: use lockless method of accessing and updating f-\u003ereg_idx (bnc#1012382).\n- ray_cs: Avoid reading past end of buffer (bnc#1012382).\n- rdma/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access (FATE#321732).\n- rdma/mlx5: Protect from NULL pointer derefence (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- rdma/qedr: fix QP\u0027s ack timeout configuration (bsc#1022604 FATE#321747).\n- rdma/qedr: Fix QP state initialization race (bsc#1022604 FATE#321747).\n- rdma/qedr: Fix rc initialization on CNQ allocation failure (bsc#1022604 FATE#321747).\n- rdma/rxe: Fix an out-of-bounds read (FATE#322149).\n- rdma/ucma: Check AF family prior resolving address (bnc#1012382).\n- rdma/ucma: Check that device exists prior to accessing it (bnc#1012382).\n- rdma/ucma: Check that device is connected prior to access it (bnc#1012382).\n- rdma/ucma: Do not allow join attempts for unsupported AF family (bnc#1012382).\n- rdma/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).\n- rdma/ucma: Ensure that CM_ID exists prior to access it (bnc#1012382).\n- rdma/ucma: Fix use-after-free access in ucma_close (bnc#1012382).\n- rdma/ucma: Introduce safer rdma_addr_size() variants (bnc#1012382).\n- rds; Reset rs-\u003ers_bound_addr in rds_add_bound() failure path (bnc#1012382).\n- regulator: gpio: Fix some error handling paths in \u0027gpio_regulator_probe()\u0027 (bsc#1091960).\n- resource: fix integer overflow at reallocation (bnc#1012382).\n- Revert \u0027alsa: pcm: Fix mutex unbalance in OSS emulation ioctls\u0027 (kabi).\n- Revert \u0027alsa: pcm: Return -EBUSY for OSS ioctls changing busy streams\u0027 (kabi).\n- Revert \u0027arm: dts: am335x-pepper: Fix the audio CODEC\u0027s reset pin\u0027 (bnc#1012382).\n- Revert \u0027arm: dts: omap3-n900: Fix the audio CODEC\u0027s reset pin\u0027 (bnc#1012382).\n- Revert \u0027ath10k: send (re)assoc peer command when NSS changed\u0027 (bnc#1012382).\n- Revert \u0027cpufreq: Fix governor module removal race\u0027 (bnc#1012382).\n- Revert \u0027ip6_vti: adjust vti mtu according to mtu of lower device\u0027 (bnc#1012382).\n- Revert \u0027KVM: Fix stack-out-of-bounds read in write_mmio\u0027 (bnc#1083635).\n- Revert \u0027mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.\u0027 (kabi).\n- Revert \u0027mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.\u0027 (kabi).\n- Revert \u0027mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.\u0027 (kabi).\n- Revert \u0027mtip32xx: use runtime tag to initialize command header\u0027 (bnc#1012382).\n- Revert \u0027PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()\u0027 (bnc#1012382).\n- Revert \u0027perf tests: Decompress kernel module before objdump\u0027 (bnc#1012382).\n- Revert \u0027xhci: plat: Register shutdown for xhci_plat\u0027 (bnc#1012382).\n- rpc_pipefs: fix double-dput() (bnc#1012382).\n- rpm/config.sh: build against SP3 in OBS as well.\n- rpm/config.sh: ensure sorted patches.\n- rtc: interface: Validate alarm-time before handling rollover (bnc#1012382).\n- rtc: opal: Handle disabled TPO in opal_get_tpo_time() (bnc#1012382).\n- rtc: snvs: fix an incorrect check of return value (bnc#1012382).\n- rtl8187: Fix NULL pointer dereference in priv-\u003econf_mutex (bnc#1012382).\n- rxrpc: check return value of skb_to_sgvec always (bnc#1012382).\n- s390: add automatic detection of the spectre defense (bnc#1012382).\n- s390: add optimized array_index_mask_nospec (bnc#1012382).\n- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).\n- s390: add sysfs attributes for spectre (bnc#1012382).\n- s390/alternative: use a copy of the facility bit mask (bnc#1012382).\n- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).\n- s390: correct module section names for expoline code revert (bnc#1012382).\n- s390: correct nospec auto detection init order (bnc#1012382).\n- s390/dasd: fix hanging safe offline (bnc#1012382).\n- s390/dasd: fix IO error for newly defined devices (bnc#1093144, LTC#167398).\n- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).\n- s390: enable CPU alternatives unconditionally (bnc#1012382).\n- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).\n- s390: introduce execute-trampolines for branches (bnc#1012382).\n- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).\n- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).\n- s390: move _text symbol to address higher than zero (bnc#1012382).\n- s390/qdio: do not merge ERROR output buffers (bnc#1012382).\n- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).\n- s390/qeth: consolidate errno translation (bnc#1093144, LTC#167507).\n- s390/qeth: fix MAC address update sequence (bnc#1093144, LTC#167609).\n- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, LTC#167507).\n- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).\n- s390: report spectre mitigation via syslog (bnc#1012382).\n- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).\n- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).\n- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).\n- sched/numa: Use down_read_trylock() for the mmap_sem (bnc#1012382).\n- scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats() (bnc#1012382).\n- scsi: libiscsi: Allow sd_shutdown on bad transport (bnc#1012382).\n- scsi: libsas: initialize sas_phy status according to response of DISCOVER (bnc#1012382).\n- scsi: lpfc: Add per io channel NVME IO statistics (bsc#1088865).\n- scsi: lpfc: Correct missing remoteport registration during link bounces (bsc#1088865).\n- scsi: lpfc: Correct target queue depth application changes (bsc#1088865).\n- scsi: lpfc: Enlarge nvmet asynchronous receive buffer counts (bsc#1088865).\n- scsi: lpfc: Fix Abort request WQ selection (bsc#1088865).\n- scsi: lpfc: Fix driver not recovering NVME rports during target link faults (bsc#1088865).\n- scsi: lpfc: Fix lingering lpfc_wq resource after driver unload (bsc#1088865).\n- scsi: lpfc: Fix multiple PRLI completion error path (bsc#1088865).\n- scsi: lpfc: Fix NULL pointer access in lpfc_nvme_info_show (bsc#1088865).\n- scsi: lpfc: Fix NULL pointer reference when resetting adapter (bsc#1088865).\n- scsi: lpfc: Fix nvme remoteport registration race conditions (bsc#1088865).\n- scsi: lpfc: Fix WQ/CQ creation for older asic\u0027s (bsc#1088865).\n- scsi: lpfc: update driver version to 11.4.0.7-2 (bsc#1088865).\n- scsi: mpt3sas: Proper handling of set/clear of \u0027ATA command pending\u0027 flag (bnc#1012382).\n- scsi: mptsas: Disable WRITE SAME (bnc#1012382).\n- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).\n- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: do not leak kernel memory to user space (bnc#1012382).\n- sctp: fix recursive locking warning in sctp_do_peeloff (bnc#1012382).\n- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 (bnc#1012382).\n- selftests/powerpc: Fix TM resched DSCR test with some compilers (bnc#1012382).\n- selinux: do not check open permission on sockets (bnc#1012382).\n- selinux: Remove redundant check for unknown labeling behavior (bnc#1012382).\n- selinux: Remove unnecessary check of array base in selinux_set_mapping() (bnc#1012382).\n- serial: 8250: omap: Disable DMA for console UART (bnc#1012382).\n- serial: mctrl_gpio: Add missing module license (bnc#1012382).\n- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).\n- serial: sh-sci: Fix race condition causing garbage during shutdown (bnc#1012382).\n- sh_eth: Use platform device for printing before register_netdev() (bnc#1012382).\n- sit: reload iphdr in ipip6_rcv (bnc#1012382).\n- skbuff: only inherit relevant tx_flags (bnc#1012382).\n- skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow (bnc#1012382).\n- sky2: Increase D3 delay to sky2 stops working after suspend (bnc#1012382).\n- slip: Check if rstate is initialized before uncompressing (bnc#1012382).\n- sparc64: ldc abort during vds iso boot (bnc#1012382).\n- spi: davinci: fix up dma_mapping_error() incorrect patch (bnc#1012382).\n- staging: comedi: ni_mio_common: ack ai fifo error interrupts (bnc#1012382).\n- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).\n- staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before calling hfa384x_drvr_setconfig16, also fixes relative sparse warning (bnc#1012382).\n- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).\n- tags: honor COMPILED_SOURCE with apart output directory (bnc#1012382).\n- tcp: better validation of received ack sequences (bnc#1012382).\n- tcp: do not read out-of-bounds opsize (bnc#1012382).\n- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).\n- team: avoid adding twice the same option to the event list (bnc#1012382).\n- team: fix netconsole setup over team (bnc#1012382).\n- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).\n- thermal: power_allocator: fix one race condition issue for thermal_instances list (bnc#1012382).\n- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).\n- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).\n- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).\n- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).\n- tty: n_gsm: Allow ADM response in addition to UA for control dlci (bnc#1012382).\n- tty: n_gsm: Fix DLCI handling for ADM mode if debug \u0026 2 is not set (bnc#1012382).\n- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).\n- tty: provide tty_name() even without CONFIG_TTY (bnc#1012382).\n- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).\n- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).\n- ubi: Fix error for write access (bnc#1012382).\n- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).\n- ubi: Reject MLC NAND (bnc#1012382).\n- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).\n- Update config files, add expoline for s390x (bsc#1089393).\n- Update patches.suse/x86-nospectre_v2-means-nospec-too.patch (bsc#1075994 bsc#1075091 bnc#1085958).\n- usb: chipidea: properly handle host or gadget initialization failure (bnc#1012382).\n- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).\n- usb: dwc2: Improve gadget state disconnection handling (bnc#1012382).\n- usb: dwc3: keystone: check return value (bnc#1012382).\n- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).\n- usb: ene_usb6250: fix first command execution (bnc#1012382).\n- usb: ene_usb6250: fix SCSI residue overwriting (bnc#1012382).\n- usb:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).\n- usb: gadget: align buffer size when allocating for OUT endpoint (bnc#1012382).\n- usb: gadget: change len to size_t on alloc_ep_req() (bnc#1012382).\n- usb: gadget: define free_ep_req as universal function (bnc#1012382).\n- usb: gadget: f_hid: fix: Prevent accessing released memory (bnc#1012382).\n- usb: gadget: fix request length error for isoc transfer (git-fixes).\n- usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align (bnc#1012382).\n- usb: Increment wakeup count on remote wakeup (bnc#1012382).\n- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).\n- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).\n- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).\n- usb: serial: cp210x: add ELDAT Easywave RX09 id (bnc#1012382).\n- usb: serial: cp210x: add ID for NI USB serial console (bnc#1012382).\n- usb: serial: ftdi_sio: add RT Systems VX-8 cable (bnc#1012382).\n- usb: serial: ftdi_sio: add support for Harman FirmwareHubEmulator (bnc#1012382).\n- usb: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).\n- usb: serial: simple: add libtransistor console (bnc#1012382).\n- vfb: fix video mode and line_length being set when loaded (bnc#1012382).\n- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).\n- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).\n- vfio-pci: Virtualize PCIe \u0026 AF FLR (bnc#1012382).\n- vhost: correctly remove wait queue during poll failure (bnc#1012382).\n- virtio: add ability to iterate over vqs (bnc#1012382).\n- virtio_console: free buffers after reset (bnc#1012382).\n- virtio_net: check return value of skb_to_sgvec always (bnc#1012382).\n- virtio_net: check return value of skb_to_sgvec in one more location (bnc#1012382).\n- vlan: also check phy_driver ts_info for vlan\u0027s real device (bnc#1012382).\n- vlan: Fix reading memory beyond skb-\u003etail in skb_vlan_tagged_multi (bnc#1012382).\n- vmxnet3: ensure that adapter is in proper state during force_close (bnc#1012382).\n- vrf: Fix use after free and double free in vrf_finish_output (bnc#1012382).\n- vt: change SGR 21 to follow the standards (bnc#1012382).\n- vti6: better validate user provided tunnel names (bnc#1012382).\n- vxlan: dont migrate permanent fdb entries during learn (bnc#1012382).\n- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).\n- watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).\n- wl1251: check return from call to wl1251_acx_arp_ip_filter (bnc#1012382).\n- writeback: fix the wrong congested state variable definition (bnc#1012382).\n- writeback: safer lock nesting (bnc#1012382).\n- x86/asm: Do not use RBP as a temporary register in csum_partial_copy_generic() (bnc#1012382).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).\n- x86/hweight: Do not clobber %rdi (bnc#1012382).\n- x86/hweight: Get rid of the special calling convention (bnc#1012382).\n- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).\n- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263 #fate#322814).\n- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263 #fate#322814).\n- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263\n- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263 #fate#322814).\n- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263 #fate#322814).\n- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).\n- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263 #fate#322814).\n- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263 #fate#322814).\n- x86/platform/uv: Skip UV runtime services mapping in the efi_runtime_disabled case (bsc#1089925).\n- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263 #fate#322814).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).\n- x86/tsc: Provide \u0027tsc=unstable\u0027 boot parameter (bnc#1012382).\n- xen: avoid type warning in xchg_xen_ulong (bnc#1012382).\n- xen-netfront: Fix hang on device removal (bnc#1012382).\n- xfrm: fix state migration copy replay sequence numbers (bnc#1012382).\n- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems (bnc#1012382).\n- xfrm_user: uncoditionally validate esn replay attribute struct (bnc#1012382).\n- xfs: always verify the log tail during recovery (bsc#1036215).\n- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).\n- xfs: detect and trim torn writes during log recovery (bsc#1036215).\n- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).\n- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).\n- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).\n- xfs: refactor and open code log record crc check (bsc#1036215).\n- xfs: refactor log record start detection into a new helper (bsc#1036215).\n- xfs: return start block of first bad log record during recovery (bsc#1036215).\n- xfs: support a crc verification only log record pass (bsc#1036215).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-955,SUSE-SLE-HA-12-SP3-2018-955,SUSE-SLE-Live-Patching-12-SP3-2018-955,SUSE-SLE-SDK-12-SP3-2018-955,SUSE-SLE-SERVER-12-SP3-2018-955,SUSE-SLE-WE-12-SP3-2018-955",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1366-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1366-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181366-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1366-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004070.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005778",
"url": "https://bugzilla.suse.com/1005778"
},
{
"category": "self",
"summary": "SUSE Bug 1005780",
"url": "https://bugzilla.suse.com/1005780"
},
{
"category": "self",
"summary": "SUSE Bug 1005781",
"url": "https://bugzilla.suse.com/1005781"
},
{
"category": "self",
"summary": "SUSE Bug 1009062",
"url": "https://bugzilla.suse.com/1009062"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1015336",
"url": "https://bugzilla.suse.com/1015336"
},
{
"category": "self",
"summary": "SUSE Bug 1015337",
"url": "https://bugzilla.suse.com/1015337"
},
{
"category": "self",
"summary": "SUSE Bug 1015340",
"url": "https://bugzilla.suse.com/1015340"
},
{
"category": "self",
"summary": "SUSE Bug 1015342",
"url": "https://bugzilla.suse.com/1015342"
},
{
"category": "self",
"summary": "SUSE Bug 1015343",
"url": "https://bugzilla.suse.com/1015343"
},
{
"category": "self",
"summary": "SUSE Bug 1022604",
"url": "https://bugzilla.suse.com/1022604"
},
{
"category": "self",
"summary": "SUSE Bug 1022743",
"url": "https://bugzilla.suse.com/1022743"
},
{
"category": "self",
"summary": "SUSE Bug 1024296",
"url": "https://bugzilla.suse.com/1024296"
},
{
"category": "self",
"summary": "SUSE Bug 1031492",
"url": "https://bugzilla.suse.com/1031492"
},
{
"category": "self",
"summary": "SUSE Bug 1036215",
"url": "https://bugzilla.suse.com/1036215"
},
{
"category": "self",
"summary": "SUSE Bug 1043598",
"url": "https://bugzilla.suse.com/1043598"
},
{
"category": "self",
"summary": "SUSE Bug 1044596",
"url": "https://bugzilla.suse.com/1044596"
},
{
"category": "self",
"summary": "SUSE Bug 1056415",
"url": "https://bugzilla.suse.com/1056415"
},
{
"category": "self",
"summary": "SUSE Bug 1056427",
"url": "https://bugzilla.suse.com/1056427"
},
{
"category": "self",
"summary": "SUSE Bug 1060799",
"url": "https://bugzilla.suse.com/1060799"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1075087",
"url": "https://bugzilla.suse.com/1075087"
},
{
"category": "self",
"summary": "SUSE Bug 1075091",
"url": "https://bugzilla.suse.com/1075091"
},
{
"category": "self",
"summary": "SUSE Bug 1075994",
"url": "https://bugzilla.suse.com/1075994"
},
{
"category": "self",
"summary": "SUSE Bug 1076263",
"url": "https://bugzilla.suse.com/1076263"
},
{
"category": "self",
"summary": "SUSE Bug 1080157",
"url": "https://bugzilla.suse.com/1080157"
},
{
"category": "self",
"summary": "SUSE Bug 1082153",
"url": "https://bugzilla.suse.com/1082153"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1082485",
"url": "https://bugzilla.suse.com/1082485"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1083635",
"url": "https://bugzilla.suse.com/1083635"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1084721",
"url": "https://bugzilla.suse.com/1084721"
},
{
"category": "self",
"summary": "SUSE Bug 1085058",
"url": "https://bugzilla.suse.com/1085058"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1085511",
"url": "https://bugzilla.suse.com/1085511"
},
{
"category": "self",
"summary": "SUSE Bug 1085958",
"url": "https://bugzilla.suse.com/1085958"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1088242",
"url": "https://bugzilla.suse.com/1088242"
},
{
"category": "self",
"summary": "SUSE Bug 1088865",
"url": "https://bugzilla.suse.com/1088865"
},
{
"category": "self",
"summary": "SUSE Bug 1089023",
"url": "https://bugzilla.suse.com/1089023"
},
{
"category": "self",
"summary": "SUSE Bug 1089115",
"url": "https://bugzilla.suse.com/1089115"
},
{
"category": "self",
"summary": "SUSE Bug 1089198",
"url": "https://bugzilla.suse.com/1089198"
},
{
"category": "self",
"summary": "SUSE Bug 1089393",
"url": "https://bugzilla.suse.com/1089393"
},
{
"category": "self",
"summary": "SUSE Bug 1089608",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "self",
"summary": "SUSE Bug 1089644",
"url": "https://bugzilla.suse.com/1089644"
},
{
"category": "self",
"summary": "SUSE Bug 1089752",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1089925",
"url": "https://bugzilla.suse.com/1089925"
},
{
"category": "self",
"summary": "SUSE Bug 1090225",
"url": "https://bugzilla.suse.com/1090225"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE Bug 1090658",
"url": "https://bugzilla.suse.com/1090658"
},
{
"category": "self",
"summary": "SUSE Bug 1090663",
"url": "https://bugzilla.suse.com/1090663"
},
{
"category": "self",
"summary": "SUSE Bug 1090708",
"url": "https://bugzilla.suse.com/1090708"
},
{
"category": "self",
"summary": "SUSE Bug 1090718",
"url": "https://bugzilla.suse.com/1090718"
},
{
"category": "self",
"summary": "SUSE Bug 1090734",
"url": "https://bugzilla.suse.com/1090734"
},
{
"category": "self",
"summary": "SUSE Bug 1090953",
"url": "https://bugzilla.suse.com/1090953"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1091325",
"url": "https://bugzilla.suse.com/1091325"
},
{
"category": "self",
"summary": "SUSE Bug 1091728",
"url": "https://bugzilla.suse.com/1091728"
},
{
"category": "self",
"summary": "SUSE Bug 1091925",
"url": "https://bugzilla.suse.com/1091925"
},
{
"category": "self",
"summary": "SUSE Bug 1091960",
"url": "https://bugzilla.suse.com/1091960"
},
{
"category": "self",
"summary": "SUSE Bug 1092289",
"url": "https://bugzilla.suse.com/1092289"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092566",
"url": "https://bugzilla.suse.com/1092566"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1093008",
"url": "https://bugzilla.suse.com/1093008"
},
{
"category": "self",
"summary": "SUSE Bug 1093144",
"url": "https://bugzilla.suse.com/1093144"
},
{
"category": "self",
"summary": "SUSE Bug 1093215",
"url": "https://bugzilla.suse.com/1093215"
},
{
"category": "self",
"summary": "SUSE Bug 1094019",
"url": "https://bugzilla.suse.com/1094019"
},
{
"category": "self",
"summary": "SUSE Bug 802154",
"url": "https://bugzilla.suse.com/802154"
},
{
"category": "self",
"summary": "SUSE Bug 966170",
"url": "https://bugzilla.suse.com/966170"
},
{
"category": "self",
"summary": "SUSE Bug 966172",
"url": "https://bugzilla.suse.com/966172"
},
{
"category": "self",
"summary": "SUSE Bug 966186",
"url": "https://bugzilla.suse.com/966186"
},
{
"category": "self",
"summary": "SUSE Bug 966191",
"url": "https://bugzilla.suse.com/966191"
},
{
"category": "self",
"summary": "SUSE Bug 969476",
"url": "https://bugzilla.suse.com/969476"
},
{
"category": "self",
"summary": "SUSE Bug 969477",
"url": "https://bugzilla.suse.com/969477"
},
{
"category": "self",
"summary": "SUSE Bug 981348",
"url": "https://bugzilla.suse.com/981348"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10124 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-05-22T11:33:23Z",
"generator": {
"date": "2018-05-22T11:33:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1366-1",
"initial_release_date": "2018-05-22T11:33:23Z",
"revision_history": [
{
"date": "2018-05-22T11:33:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-4.4.131-94.29.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.131-94.29.1.aarch64",
"product_id": "kernel-obs-build-4.4.131-94.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.131-94.29.1.aarch64",
"product": {
"name": "kernel-default-4.4.131-94.29.1.aarch64",
"product_id": "kernel-default-4.4.131-94.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.131-94.29.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.131-94.29.1.aarch64",
"product_id": "kernel-default-base-4.4.131-94.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.131-94.29.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.131-94.29.1.aarch64",
"product_id": "kernel-default-devel-4.4.131-94.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.131-94.29.1.aarch64",
"product": {
"name": "kernel-syms-4.4.131-94.29.1.aarch64",
"product_id": "kernel-syms-4.4.131-94.29.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.131-94.29.1.noarch",
"product": {
"name": "kernel-devel-4.4.131-94.29.1.noarch",
"product_id": "kernel-devel-4.4.131-94.29.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.131-94.29.1.noarch",
"product": {
"name": "kernel-macros-4.4.131-94.29.1.noarch",
"product_id": "kernel-macros-4.4.131-94.29.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.131-94.29.1.noarch",
"product": {
"name": "kernel-source-4.4.131-94.29.1.noarch",
"product_id": "kernel-source-4.4.131-94.29.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.131-94.29.1.noarch",
"product": {
"name": "kernel-docs-4.4.131-94.29.1.noarch",
"product_id": "kernel-docs-4.4.131-94.29.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"product": {
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"product_id": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.131-94.29.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.131-94.29.1.ppc64le",
"product_id": "kernel-obs-build-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.131-94.29.1.ppc64le",
"product": {
"name": "kernel-default-4.4.131-94.29.1.ppc64le",
"product_id": "kernel-default-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.131-94.29.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.131-94.29.1.ppc64le",
"product_id": "kernel-default-base-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.131-94.29.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.131-94.29.1.ppc64le",
"product_id": "kernel-default-devel-4.4.131-94.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.131-94.29.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.131-94.29.1.ppc64le",
"product_id": "kernel-syms-4.4.131-94.29.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.131-94.29.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.131-94.29.1.s390x",
"product_id": "dlm-kmp-default-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.131-94.29.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.s390x",
"product_id": "gfs2-kmp-default-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.131-94.29.1.s390x",
"product_id": "kernel-obs-build-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-default-4.4.131-94.29.1.s390x",
"product_id": "kernel-default-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-default-base-4.4.131-94.29.1.s390x",
"product_id": "kernel-default-base-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.131-94.29.1.s390x",
"product_id": "kernel-default-devel-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-default-man-4.4.131-94.29.1.s390x",
"product_id": "kernel-default-man-4.4.131-94.29.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.131-94.29.1.s390x",
"product": {
"name": "kernel-syms-4.4.131-94.29.1.s390x",
"product_id": "kernel-syms-4.4.131-94.29.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-default-4.4.131-94.29.1.x86_64",
"product_id": "kernel-default-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.131-94.29.1.x86_64",
"product_id": "kernel-default-devel-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.131-94.29.1.x86_64",
"product_id": "kernel-default-extra-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-syms-4.4.131-94.29.1.x86_64",
"product_id": "kernel-syms-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.131-94.29.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.131-94.29.1.x86_64",
"product_id": "dlm-kmp-default-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"product": {
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"product_id": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.131-94.29.1.x86_64",
"product_id": "kernel-obs-build-4.4.131-94.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.131-94.29.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.131-94.29.1.x86_64",
"product_id": "kernel-default-base-4.4.131-94.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-devel-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-macros-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-source-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le"
},
"product_reference": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64"
},
"product_reference": "kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-docs-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-man-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-devel-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-macros-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-source-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-default-man-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-devel-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-macros-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.131-94.29.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch"
},
"product_reference": "kernel-source-4.4.131-94.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-syms-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.131-94.29.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.131-94.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-10087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10087"
}
],
"notes": [
{
"category": "general",
"text": "The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10087",
"url": "https://www.suse.com/security/cve/CVE-2018-10087"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089608 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "low"
}
],
"title": "CVE-2018-10087"
},
{
"cve": "CVE-2018-10124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10124"
}
],
"notes": [
{
"category": "general",
"text": "The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10124",
"url": "https://www.suse.com/security/cve/CVE-2018-10124"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089752 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-10124"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_131-94_29-default-1-4.5.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.131-94.29.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.131-94.29.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.131-94.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-22T11:33:23Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
}
]
}
wid-sec-w-2022-0532
Vulnerability from csaf_certbund
Published
2018-05-01 22:00
Modified
2025-07-20 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Oracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Appliance
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Debian ist eine Linux-Distribution, die ausschlie\u00dflich Freie Software enth\u00e4lt.\r\nOracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verf\u00fcgbar ist.\r\nDer Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, einen Denial of Service Angriff durchzuf\u00fchren, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0532 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2022-0532.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0532 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0532"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4187-1 vom 2018-05-01",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4188-1 vom 2018-05-01",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4088 vom 2018-05-01",
"url": "https://linux.oracle.com/errata/ELSA-2018-4088.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4087 vom 2018-05-01",
"url": "https://linux.oracle.com/errata/ELSA-2018-4087.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4089 vom 2018-05-02",
"url": "http://linux.oracle.com/errata/ELSA-2018-4089.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1173-1 vom 2018-05-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181173-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1172-1 vom 2018-05-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181172-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1318 vom 2018-05-09",
"url": "http://www.auscert.org.au/bulletins/62478"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1355 vom 2018-05-09",
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1318 vom 2018-05-09",
"url": "http://linux.oracle.com/errata/ELSA-2018-1318.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1217-1 vom 2018-05-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1238-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1225-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1240-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1230-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1223-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1228-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1236-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1239-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1231-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1229-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1237-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1232-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1227-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1234-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1233-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1226-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1235-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1222-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1224-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1263-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1221-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1220-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1249-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1246-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1252-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1260-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1270-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1262-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1242-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1268-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1248-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1258-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1272-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1250-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1253-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1241-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1259-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1256-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1245-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1264-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1254-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1266-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1269-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1251-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1255-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1273-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1243-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1244-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1261-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1267-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1247-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1257-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1374 vom 2018-05-16",
"url": "https://access.redhat.com/errata/RHSA-2018:1374"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1309-1 vom 2018-05-17",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181309-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1629 vom 2018-05-22",
"url": "http://linux.oracle.com/errata/ELSA-2018-1629.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4114 vom 2018-05-23",
"url": "http://linux.oracle.com/errata/ELSA-2018-4114.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1366-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181366-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1375-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181375-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1376-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181376-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1386-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181386-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1368-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181368-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1374-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181374-1.html"
},
{
"category": "external",
"summary": "Oraclevm-errata OVMSA-2018-0223 vom 2018-05-23",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2018-May/000858.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1465-1 vom 2018-05-30",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181465-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1498-1 vom 2018-06-05",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181498-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1508-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181508-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1551-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181551-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1525-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181525-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1536-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181536-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1511-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181511-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1545-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181545-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1522-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181522-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1530-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181530-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1534-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181534-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1524-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181524-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1505-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181505-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1510-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181510-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1516-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181516-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1523-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181523-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1532-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181532-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1531-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181531-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1521-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181521-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1518-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181518-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1506-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181506-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1548-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181548-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1514-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181514-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1541-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181541-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1546-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181546-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1519-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181519-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1509-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181509-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1528-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181528-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1537-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181537-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1513-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181513-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1512-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181512-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1538-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181538-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1517-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181517-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1535-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181535-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1529-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181529-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1549-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181549-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1540-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181540-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1520-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181520-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1526-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181526-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1533-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181533-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1539-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181539-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1543-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181543-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1571-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181571-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1570-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181570-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1567-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181567-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1636-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181636-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1644-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181644-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1639-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181639-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1645-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181645-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1641-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181641-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1640-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181640-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1637-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181637-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1648-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181648-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1642-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181642-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1643-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181643-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4145 vom 2018-06-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4145.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4134 vom 2018-06-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4134.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1762-1 vom 2018-06-20",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181762-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1761-1 vom 2018-06-20",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181761-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1772-1 vom 2018-06-21",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181772-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1816-1 vom 2018-06-26",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26",
"url": "http://linux.oracle.com/errata/ELSA-2018-1854.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3698-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3698-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3697-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3697-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3696-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3696-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4161 vom 2018-07-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4161.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4164 vom 2018-07-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-4164.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2162 vom 2018-07-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-2162.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2082-1 vom 2018-07-28",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182082-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2092-1 vom 2018-07-28",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182092-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2150-1 vom 2018-08-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182150-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2222-1 vom 2018-08-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182222-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4193 vom 2018-08-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4193.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2384 vom 2018-08-15",
"url": "http://linux.oracle.com/errata/ELSA-2018-2384.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2390 vom 2018-08-15",
"url": "http://linux.oracle.com/errata/ELSA-2018-2390.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-14",
"url": "http://rhn.redhat.com/errata/RHSA-2018-2390.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-14",
"url": "http://rhn.redhat.com/errata/RHSA-2018-2384.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2387 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2388 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2388"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2389 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2389"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2395 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2391 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2391"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2392 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2392"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2393 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2393"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2394 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2396 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2332-1 vom 2018-08-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182332-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2366-1 vom 2018-08-16",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182366-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4200 vom 2018-08-17",
"url": "http://linux.oracle.com/errata/ELSA-2018-4200.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2637-1 vom 2018-09-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182637-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2631-1 vom 2018-09-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182631-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4211 vom 2018-09-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4211.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4308 vom 2018-10-01",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3003-1 vom 2018-10-04",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3004-1 vom 2018-10-04",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183004-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3084-1 vom 2018-10-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183084-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4242 vom 2018-10-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4242.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4245 vom 2018-10-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-4245.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4250 vom 2018-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2018-4250.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2948 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:3096 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:3083 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3589-1 vom 2018-11-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3593-1 vom 2018-11-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183593-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-3083 vom 2018-11-06",
"url": "http://linux.oracle.com/errata/ELSA-2018-3083.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3659-1 vom 2018-11-08",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183659-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4268 vom 2018-11-08",
"url": "http://linux.oracle.com/errata/ELSA-2018-4268.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4269 vom 2018-11-08",
"url": "http://linux.oracle.com/errata/ELSA-2018-4269.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4285 vom 2018-11-21",
"url": "http://linux.oracle.com/errata/ELSA-2018-4285.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3934-1 vom 2018-11-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3961-1 vom 2018-12-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4301 vom 2018-12-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4301.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4304 vom 2018-12-12",
"url": "http://linux.oracle.com/errata/ELSA-2018-4304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:4069-1 vom 2018-12-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184069-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:4072-1 vom 2018-12-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184072-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4315 vom 2019-01-03",
"url": "http://linux.oracle.com/errata/ELSA-2019-4315.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4316 vom 2019-01-04",
"url": "http://linux.oracle.com/errata/ELSA-2019-4316.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4317 vom 2019-01-05",
"url": "http://linux.oracle.com/errata/ELSA-2019-4317.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:0095-1 vom 2019-01-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190095-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3880-2 vom 2019-02-05",
"url": "https://usn.ubuntu.com/3880-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3910-1 vom 2019-03-16",
"url": "https://usn.ubuntu.com/3910-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3910-1 vom 2019-03-16",
"url": "https://usn.ubuntu.com/3910-2/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:0641 vom 2019-03-26",
"url": "https://access.redhat.com/errata/RHSA-2019:0641"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4596 vom 2019-04-01",
"url": "http://linux.oracle.com/errata/ELSA-2019-4596.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2019-0014 vom 2019-05-03",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-May/000936.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1190 vom 2019-05-15",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1170 vom 2019-05-15",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1487 vom 2019-06-18",
"url": "https://access.redhat.com/errata/RHSA-2019:1487"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1483 vom 2019-06-18",
"url": "https://access.redhat.com/errata/RHSA-2019:1483"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2029 vom 2019-08-06",
"url": "https://access.redhat.com/errata/RHSA-2019:2029"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2043 vom 2019-08-06",
"url": "https://access.redhat.com/errata/RHSA-2019:2043"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4742 vom 2019-08-10",
"url": "http://linux.oracle.com/errata/ELSA-2019-4742.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-2029 vom 2019-08-14",
"url": "http://linux.oracle.com/errata/ELSA-2019-2029.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2430-1 vom 2019-09-23",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2450-1 vom 2019-09-24",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192450-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4163-1 vom 2019-10-22",
"url": "https://usn.ubuntu.com/4163-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4163-2 vom 2019-10-23",
"url": "https://usn.ubuntu.com/4163-2/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:4154 vom 2019-12-10",
"url": "https://access.redhat.com/errata/RHSA-2019:4154"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:4159 vom 2019-12-10",
"url": "https://access.redhat.com/errata/RHSA-2019:4159"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2018-252 vom 2020-01-07",
"url": "https://downloads.avaya.com/css/P8/documents/101051981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0036 vom 2020-01-07",
"url": "https://access.redhat.com/errata/RHSA-2020:0036"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA 2148 vom 2020-04-01",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1587-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006912.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1603-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006927.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006921.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006932.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1604-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006931.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006928.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006924.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006930.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006929.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1671-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006966.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1656-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006977.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1663-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006971.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1646-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006970.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1754-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007033.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1758-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007031.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1775-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007036.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2156-1 vom 2020-08-07",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007238.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2323 vom 2020-08-12",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00019.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4486-1 vom 2020-09-02",
"url": "https://usn.ubuntu.com/4486-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2478-1 vom 2020-09-03",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007345.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2487-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007352.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2861-1 vom 2021-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009366.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2862-1 vom 2021-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009367.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9473 vom 2021-10-08",
"url": "http://linux.oracle.com/errata/ELSA-2021-9473.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0035 vom 2021-10-12",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-October/001033.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1988 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1975 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3065 vom 2022-07-01",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9969 vom 2022-11-01",
"url": "https://linux.oracle.com/errata/ELSA-2022-9969.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1848-1 vom 2023-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014466.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1897-1 vom 2023-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014485.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1992-1 vom 2023-04-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014572.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1176-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020671.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1183-1 vom 2025-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020678.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1195-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020680.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1194-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020681.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1241-1 vom 2025-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020694.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20480 vom 2025-07-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-20480.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-20T22:00:00.000+00:00",
"generator": {
"date": "2025-07-21T08:21:59.853+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2022-0532",
"initial_release_date": "2018-05-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2018-05-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-05-01T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-05-02T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2018-05-08T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-05-10T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2018-05-13T22:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2018-05-15T22:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2018-05-16T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2018-05-21T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2018-05-22T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "11",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "13",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-05-29T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2018-06-05T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2018-06-06T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2018-06-07T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-06-11T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2018-06-17T22:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-06-18T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-06-19T22:00:00.000+00:00",
"number": "21",
"summary": "Added references"
},
{
"date": "2018-06-21T22:00:00.000+00:00",
"number": "22",
"summary": "New remediations available"
},
{
"date": "2018-06-24T22:00:00.000+00:00",
"number": "23",
"summary": "Added references"
},
{
"date": "2018-06-27T22:00:00.000+00:00",
"number": "24",
"summary": "Added references"
},
{
"date": "2018-07-10T22:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2018-07-29T22:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2018-08-01T22:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2018-08-06T22:00:00.000+00:00",
"number": "28",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "29",
"summary": "New remediations available"
},
{
"date": "2018-08-14T22:00:00.000+00:00",
"number": "30",
"summary": "New remediations available"
},
{
"date": "2018-08-14T22:00:00.000+00:00",
"number": "31",
"summary": "New remediations available"
},
{
"date": "2018-08-15T22:00:00.000+00:00",
"number": "32",
"summary": "New remediations available"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "33",
"summary": "New remediations available"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "34",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "35",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-27T22:00:00.000+00:00",
"number": "36",
"summary": "Added references"
},
{
"date": "2018-09-06T22:00:00.000+00:00",
"number": "37",
"summary": "New remediations available"
},
{
"date": "2018-09-10T22:00:00.000+00:00",
"number": "38",
"summary": "New remediations available"
},
{
"date": "2018-10-01T22:00:00.000+00:00",
"number": "39",
"summary": "New remediations available"
},
{
"date": "2018-10-04T22:00:00.000+00:00",
"number": "40",
"summary": "New remediations available"
},
{
"date": "2018-10-09T22:00:00.000+00:00",
"number": "41",
"summary": "New remediations available"
},
{
"date": "2018-10-10T22:00:00.000+00:00",
"number": "42",
"summary": "New remediations available"
},
{
"date": "2018-10-14T22:00:00.000+00:00",
"number": "43",
"summary": "New remediations available"
},
{
"date": "2018-10-30T23:00:00.000+00:00",
"number": "44",
"summary": "New remediations available"
},
{
"date": "2018-10-31T23:00:00.000+00:00",
"number": "45",
"summary": "New remediations available"
},
{
"date": "2018-11-05T23:00:00.000+00:00",
"number": "46",
"summary": "New remediations available"
},
{
"date": "2018-11-07T23:00:00.000+00:00",
"number": "47",
"summary": "New remediations available"
},
{
"date": "2018-11-08T23:00:00.000+00:00",
"number": "48",
"summary": "New remediations available"
},
{
"date": "2018-11-20T23:00:00.000+00:00",
"number": "49",
"summary": "New remediations available"
},
{
"date": "2018-11-28T23:00:00.000+00:00",
"number": "50",
"summary": "New remediations available"
},
{
"date": "2018-12-02T23:00:00.000+00:00",
"number": "51",
"summary": "New remediations available"
},
{
"date": "2018-12-03T23:00:00.000+00:00",
"number": "52",
"summary": "Minor corrections"
},
{
"date": "2018-12-09T23:00:00.000+00:00",
"number": "53",
"summary": "New remediations available"
},
{
"date": "2018-12-11T23:00:00.000+00:00",
"number": "54",
"summary": "New remediations available"
},
{
"date": "2018-12-12T23:00:00.000+00:00",
"number": "55",
"summary": "New remediations available"
},
{
"date": "2019-01-03T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-01-06T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-01-15T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-02-04T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-03-17T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-03-25T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-03-31T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-05-05T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2019-05-15T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-06-17T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-06T22:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-11T22:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-08-13T22:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-09-23T22:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-24T22:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-10-21T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-10-22T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-12-09T23:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-12-09T23:00:00.000+00:00",
"number": "74",
"summary": "Version nicht vorhanden"
},
{
"date": "2020-01-06T23:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2020-01-07T23:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-04-01T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-06-09T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-11T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-18T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-25T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-08-06T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-08-12T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-09-01T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2020-09-03T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-09-06T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-08-29T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-10-10T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-10-11T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-11-01T23:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "97",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "98",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "99",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-14T22:00:00.000+00:00",
"number": "100",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-20T22:00:00.000+00:00",
"number": "101",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "101"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "6368",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7",
"product": {
"name": "Oracle Linux 7",
"product_id": "287065",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:7"
}
}
},
{
"category": "product_version",
"name": "6",
"product": {
"name": "Oracle Linux 6",
"product_id": "T002988",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:6"
}
}
},
{
"category": "product_version",
"name": "5",
"product": {
"name": "Oracle Linux 5",
"product_id": "T003616",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:5"
}
}
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "product_name",
"name": "Linux"
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9016",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2015-9016"
},
{
"cve": "CVE-2017-0861",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-13166",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2017-13220",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-13220"
},
{
"cve": "CVE-2017-16526",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16526"
},
{
"cve": "CVE-2017-16911",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16911"
},
{
"cve": "CVE-2017-16912",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16912"
},
{
"cve": "CVE-2017-16913",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16913"
},
{
"cve": "CVE-2017-16914",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16914"
},
{
"cve": "CVE-2017-17975",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-17975"
},
{
"cve": "CVE-2017-18017",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18017"
},
{
"cve": "CVE-2017-18193",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18193"
},
{
"cve": "CVE-2017-18203",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18203"
},
{
"cve": "CVE-2017-18216",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18216"
},
{
"cve": "CVE-2017-18218",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18218"
},
{
"cve": "CVE-2017-18222",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18222"
},
{
"cve": "CVE-2017-18224",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18224"
},
{
"cve": "CVE-2017-18232",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18232"
},
{
"cve": "CVE-2017-18241",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18257",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18257"
},
{
"cve": "CVE-2017-5715",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2017-5753",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2018-1000004",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1000004"
},
{
"cve": "CVE-2018-1000199",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-10323",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-10323"
},
{
"cve": "CVE-2018-1065",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1066",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1066"
},
{
"cve": "CVE-2018-1068",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1068"
},
{
"cve": "CVE-2018-1092",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1108",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1108"
},
{
"cve": "CVE-2018-5332",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5332"
},
{
"cve": "CVE-2018-5333",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5333"
},
{
"cve": "CVE-2018-5750",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5750"
},
{
"cve": "CVE-2018-5803",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-6927",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-6927"
},
{
"cve": "CVE-2018-7480",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7480"
},
{
"cve": "CVE-2018-7492",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-7566",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7566"
},
{
"cve": "CVE-2018-7740",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7740"
},
{
"cve": "CVE-2018-7757",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7757"
},
{
"cve": "CVE-2018-7995",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7995"
},
{
"cve": "CVE-2018-8087",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8087"
},
{
"cve": "CVE-2018-8781",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8822",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8822"
}
]
}
rhsa-2018:2948
Vulnerability from csaf_redhat
Published
2018-10-30 12:05
Modified
2025-08-04 12:06
Summary
Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)
* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)
* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:
https://access.redhat.com/articles/3658021
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load \u0026 Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor\u0027s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)\n\n* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)\n\nSpace precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article: \n\nhttps://access.redhat.com/articles/3658021\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2948",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/ssbd",
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3658021",
"url": "https://access.redhat.com/articles/3658021"
},
{
"category": "external",
"summary": "1516257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516257"
},
{
"category": "external",
"summary": "1528312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312"
},
{
"category": "external",
"summary": "1528323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528323"
},
{
"category": "external",
"summary": "1533909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909"
},
{
"category": "external",
"summary": "1539508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539508"
},
{
"category": "external",
"summary": "1539706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706"
},
{
"category": "external",
"summary": "1541846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541846"
},
{
"category": "external",
"summary": "1547824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"category": "external",
"summary": "1548412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412"
},
{
"category": "external",
"summary": "1550142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550142"
},
{
"category": "external",
"summary": "1551051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051"
},
{
"category": "external",
"summary": "1551565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565"
},
{
"category": "external",
"summary": "1552048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
},
{
"category": "external",
"summary": "1553361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361"
},
{
"category": "external",
"summary": "1560777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777"
},
{
"category": "external",
"summary": "1560788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788"
},
{
"category": "external",
"summary": "1560793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560793"
},
{
"category": "external",
"summary": "1566890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566890"
},
{
"category": "external",
"summary": "1568744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568744"
},
{
"category": "external",
"summary": "1571062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062"
},
{
"category": "external",
"summary": "1571623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623"
},
{
"category": "external",
"summary": "1573699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699"
},
{
"category": "external",
"summary": "1575472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472"
},
{
"category": "external",
"summary": "1577408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408"
},
{
"category": "external",
"summary": "1583210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583210"
},
{
"category": "external",
"summary": "1589324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589324"
},
{
"category": "external",
"summary": "1590215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590215"
},
{
"category": "external",
"summary": "1590799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799"
},
{
"category": "external",
"summary": "1596795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596795"
},
{
"category": "external",
"summary": "1596802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802"
},
{
"category": "external",
"summary": "1596806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806"
},
{
"category": "external",
"summary": "1596812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596812"
},
{
"category": "external",
"summary": "1596828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828"
},
{
"category": "external",
"summary": "1596842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596842"
},
{
"category": "external",
"summary": "1596846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846"
},
{
"category": "external",
"summary": "1599161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161"
},
{
"category": "external",
"summary": "1601704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601704"
},
{
"category": "external",
"summary": "1609664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664"
},
{
"category": "external",
"summary": "1610958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958"
},
{
"category": "external",
"summary": "1622004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622004"
},
{
"category": "external",
"summary": "1623067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067"
},
{
"category": "external",
"summary": "1629636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629636"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2948.json"
}
],
"title": "Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-08-04T12:06:47+00:00",
"generator": {
"date": "2025-08-04T12:06:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2018:2948",
"initial_release_date": "2018-10-30T12:05:20+00:00",
"revision_history": [
{
"date": "2018-10-30T12:05:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-30T12:05:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:06:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "perf-0:4.14.0-115.el7a.ppc64le",
"product_id": "perf-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product_id": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.el7a?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product_id": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.el7a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product_id": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.el7a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-alt-0:4.14.0-115.el7a.src",
"product": {
"name": "kernel-alt-0:4.14.0-115.el7a.src",
"product_id": "kernel-alt-0:4.14.0-115.el7a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.el7a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.el7a.src",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.el7a.src",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548412"
}
],
"notes": [
{
"category": "description",
"text": "A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "RHBZ#1548412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13166",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166"
}
],
"release_date": "2017-07-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "A systemtap script intercepting v4l2_compat_ioctl32() function of the [videodev] module and making it to return -ENOIOCTLCMD error value would work just fine, except breaking all 32bit video capturing software, but not 64bit ones.\n\nAlternatively, blacklisting [videodev] module will work too, but it will break all video capturing software.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation"
},
{
"cve": "CVE-2017-16648",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-11-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1516257"
}
],
"notes": [
{
"category": "description",
"text": "The dvb frontend management subsystem in the Linux kernel contains a use-after-free which can allow a malicious user to write to memory that may be assigned to another kernel structure. This could create memory corruption, panic, or possibly other side affects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7, MRG-2 and real-time kernels.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux kernel-alt package.\n\nFuture Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-16648"
},
{
"category": "external",
"summary": "RHBZ#1516257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-16648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-16648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16648"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c"
},
{
"cve": "CVE-2017-17805",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528312"
}
],
"notes": [
{
"category": "description",
"text": "The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AF_ALG-based skcipher interface to cause a denial of service (uninitialized-memory free and kernel crash) or have an unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 are vulnerable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17805"
},
{
"category": "external",
"summary": "RHBZ#1528312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805"
}
],
"release_date": "2017-11-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service"
},
{
"cve": "CVE-2017-17806",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528323"
}
],
"notes": [
{
"category": "description",
"text": "The HMAC implementation (crypto/hmac.c) in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3), to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17806"
},
{
"category": "external",
"summary": "RHBZ#1528323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17806"
}
],
"release_date": "2017-11-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service"
},
{
"cve": "CVE-2017-18075",
"cwe": {
"id": "CWE-628",
"name": "Function Call with Incorrectly Specified Arguments"
},
"discovery_date": "2018-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1539508"
}
],
"notes": [
{
"category": "description",
"text": "crypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2, as the code with the flaw is not enabled and is not built in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18075"
},
{
"category": "external",
"summary": "RHBZ#1539508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18075"
}
],
"release_date": "2017-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service"
},
{
"cve": "CVE-2017-18208",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551565"
}
],
"notes": [
{
"category": "description",
"text": "The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18208"
},
{
"category": "external",
"summary": "RHBZ#1551565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18208",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18208"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208"
},
{
"category": "external",
"summary": "https://lwn.net/Articles/618064/",
"url": "https://lwn.net/Articles/618064/"
},
{
"category": "external",
"summary": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt",
"url": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt"
}
],
"release_date": "2017-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service"
},
{
"cve": "CVE-2017-18344",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-07-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1610958"
}
],
"notes": [
{
"category": "description",
"text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18344"
},
{
"category": "external",
"summary": "RHBZ#1610958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344"
}
],
"release_date": "2017-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "Attached to this bugzilla is a systemtap script that will prevent opening (and therefore reading) the /proc/\u003cprocess\u003e/timers file which is used to leak information.\n\nThe SystemTap script is relatively small and efficient, broken into 3 distinct sections as follows:\n\n--------\n\nprobe kernel.function(\"proc_timers_open@fs/proc/base.c\").return { \n // this is -EACCES\n\t$return = -13;\n message = sprintf(\"CVE-2017-18344 mitigation denied access to %s to %s(%d)\", file_name , execname(), pid());\n // print a warning message at KERN_INFO debug level\n printk(6, message);\n}\n\nprobe begin {\n printk(6, \"Mitigation for CVE-2017-18344 loaded.\\n\");\n}\n\n\nprobe end {\n printk(6, \"Mitigation for CVE-2017-18344 unloaded.\\n\");\n}\n\n\n---------\n\nFirst, the script places a probe at the return of the kernel function \u201cproc_timers_open\u201d when called. This modifies the return value to be EACCES which would return this value to userspace preventing this file from being opened. When the /proc/\u003cpid\u003e/timer file is attempted to be opened, a message will be logged to the kernel log subsystem showing the process and pid of the application attempting to access the timer file. \n\nThis file is not in widespread use at this time, although some applications may read from it to debug or understand their own timers that are set. This mitigation will not be useful in this context.\n\nFinally, the \u201cprobe begin\u201d and \u201cprobe end\u201d code blocks tell systemtap to add the supplied text to the kernel log buffer via the printk function. This creates an audit trail by registering in the system logs exactly when the mitigation is loaded and unloaded. This will need to be compiled with guru mode (-g parameter) to compile.\n\nThis will need to be loaded at each boot to remain effective. Red Hat Product security recommends updating to a patched kernel when it is available.\n\nRed Hat always seeks to provide both mitigations to disable attacks as well as the actual patches to treat the flaw. To learn more about SystemTap, and how it can be used in your management of your Red Hat systems, please refer to Using SystemTap[1] or one of our videos about it within our Customer Portal[2].\n\n1 - https://access.redhat.com/articles/17839\n2 - https://access.redhat.com/search/#/?q=systemtap",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c"
},
{
"cve": "CVE-2018-1065",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1547824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "RHBZ#1547824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1065"
}
],
"release_date": "2018-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash"
},
{
"cve": "CVE-2018-1068",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552048"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1068"
},
{
"category": "external",
"summary": "RHBZ#1552048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1068"
}
],
"release_date": "2018-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1092",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560777"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "RHBZ#1560777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1092",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1094",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560788"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4_xattr_inode_hash() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "RHBZ#1560788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1095",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560793"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to an out-of-bound access bug in the fs/posix_acl.c:get_acl() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a system crash or other unspecified impact with a crafted ext4 image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1095"
},
{
"category": "external",
"summary": "RHBZ#1560793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1095"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image"
},
{
"cve": "CVE-2018-1118",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1573699"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1118"
},
{
"category": "external",
"summary": "RHBZ#1573699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118"
}
],
"release_date": "2018-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()"
},
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2018-1120",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2018-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575472"
}
],
"notes": [
{
"category": "description",
"text": "By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "RHBZ#1575472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1120"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120"
},
{
"category": "external",
"summary": "http://seclists.org/oss-sec/2018/q2/122",
"url": "http://seclists.org/oss-sec/2018/q2/122"
}
],
"release_date": "2018-05-17T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Ken Johnson"
],
"organization": "Microsoft Security Response Center"
}
],
"cve": "CVE-2018-3639",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-03-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1566890"
}
],
"notes": [
{
"category": "description",
"text": "An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load \u0026 Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor\u0027s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: speculative store bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "RHBZ#1566890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566890"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-3639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/ssbd",
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"category": "external",
"summary": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf",
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf",
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
}
],
"release_date": "2018-05-21T21:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: cpu: speculative store bypass"
},
{
"cve": "CVE-2018-5344",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1533909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5344"
},
{
"category": "external",
"summary": "RHBZ#1533909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344"
}
],
"release_date": "2018-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service"
},
{
"acknowledgments": [
{
"names": [
"Juha-Matti Tilli"
],
"organization": "Aalto University - Department of Communications and Networking and Nokia Bell Labs"
}
],
"cve": "CVE-2018-5390",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601704"
}
],
"notes": [
{
"category": "description",
"text": "A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5390"
},
{
"category": "external",
"summary": "RHBZ#1601704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5390",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5390"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/962459",
"url": "https://www.kb.cert.org/vuls/id/962459"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/netdev/msg514742.html",
"url": "https://www.spinics.net/lists/netdev/msg514742.html"
}
],
"release_date": "2018-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)"
},
{
"acknowledgments": [
{
"names": [
"Juha-Matti Tilli"
],
"organization": "Aalto University - Department of Communications and Networking and Nokia Bell Labs"
}
],
"cve": "CVE-2018-5391",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1609664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5391"
},
{
"category": "external",
"summary": "RHBZ#1609664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/641765",
"url": "https://www.kb.cert.org/vuls/id/641765"
}
],
"release_date": "2018-08-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "One may change the default 4MB and 3MB values of net.ipv4.ipfrag_high_thresh and net.ipv4.ipfrag_low_thresh (and their ipv6 counterparts net.ipv6.ipfrag_high_thresh and net.ipv6.ipfrag_low_thresh) to 256 kB and 192 kB (respectively) or below. Tests show some to significant CPU saturation drop during an attack, depending on a hardware, configuration and environment.\n\nThere can be some impact on performance though, due to ipfrag_high_thresh of 262144 bytes, as only two 64K fragments can fit in the reassembly queue at the same time. For example, there is a risk of breaking applications that rely on large UDP packets.\n\nSee the Mitigation section in the https://access.redhat.com/articles/3553061 article for the script to quickly change to/from default and lower settings.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)"
},
{
"cve": "CVE-2018-5750",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1539706"
}
],
"notes": [
{
"category": "description",
"text": "The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2, as KASLR feature is not present or enabled in these products.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5750"
},
{
"category": "external",
"summary": "RHBZ#1539706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5750",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750"
}
],
"release_date": "2017-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass"
},
{
"cve": "CVE-2018-5803",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551051"
}
],
"notes": [
{
"category": "description",
"text": "An error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "RHBZ#1551051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5803",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803"
}
],
"release_date": "2018-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service"
},
{
"cve": "CVE-2018-5848",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2018-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1590799"
}
],
"notes": [
{
"category": "description",
"text": "In the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u2018ie_len\u2019 argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "RHBZ#1590799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848"
}
],
"release_date": "2017-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption"
},
{
"cve": "CVE-2018-7566",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2018-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1550142"
}
],
"notes": [
{
"category": "description",
"text": "ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, and this may lead to UAF or out-of-bound access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7566"
},
{
"category": "external",
"summary": "RHBZ#1550142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7566"
}
],
"release_date": "2018-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access"
},
{
"cve": "CVE-2018-7757",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553361"
}
],
"notes": [
{
"category": "description",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "RHBZ#1553361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7757",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7757"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757"
}
],
"release_date": "2018-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c"
},
{
"cve": "CVE-2018-8781",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2018-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1571062"
}
],
"notes": [
{
"category": "description",
"text": "A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "RHBZ#1571062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8781",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8781"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781"
}
],
"release_date": "2018-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space"
},
{
"cve": "CVE-2018-9363",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1623067"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report() in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Buffer overflow in hidp_process_report",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-9363"
},
{
"category": "external",
"summary": "RHBZ#1623067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-9363",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363"
}
],
"release_date": "2018-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Buffer overflow in hidp_process_report"
},
{
"cve": "CVE-2018-10322",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1571623"
}
],
"notes": [
{
"category": "description",
"text": "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel can cause a NULL pointer dereference in xfs_ilock_attr_map_shared function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10322"
},
{
"category": "external",
"summary": "RHBZ#1571623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10322",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322"
}
],
"release_date": "2018-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service"
},
{
"cve": "CVE-2018-10877",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596795"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel ext4 filesystem. An out-of-bound access is possible in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10877"
},
{
"category": "external",
"summary": "RHBZ#1596795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10877",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10877"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10877",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10877"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image"
},
{
"cve": "CVE-2018-10878",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596802"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10878"
},
{
"category": "external",
"summary": "RHBZ#1596802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10878"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878"
}
],
"release_date": "2018-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image"
},
{
"cve": "CVE-2018-10879",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596806"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10879"
},
{
"category": "external",
"summary": "RHBZ#1596806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10879",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file"
},
{
"cve": "CVE-2018-10880",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596812"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem code. A stack-out-of-bounds write in ext4_update_inline_data() is possible when mounting and writing to a crafted ext4 image. An attacker could use this to cause a system crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write in ext4_update_inline_data function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10880"
},
{
"category": "external",
"summary": "RHBZ#1596812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596812"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10880",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10880"
}
],
"release_date": "2018-06-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write in ext4_update_inline_data function"
},
{
"cve": "CVE-2018-10881",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596828"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10881"
},
{
"category": "external",
"summary": "RHBZ#1596828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881"
}
],
"release_date": "2018-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image"
},
{
"cve": "CVE-2018-10882",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596842"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in the fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write infs/jbd2/transaction.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10882"
},
{
"category": "external",
"summary": "RHBZ#1596842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596842"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10882"
}
],
"release_date": "2018-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write infs/jbd2/transaction.c"
},
{
"cve": "CVE-2018-10883",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10883"
},
{
"category": "external",
"summary": "RHBZ#1596846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10883",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883"
}
],
"release_date": "2018-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function"
},
{
"cve": "CVE-2018-10940",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1577408"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, before 4.16.6 where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10940"
},
{
"category": "external",
"summary": "RHBZ#1577408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10940",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940"
}
],
"release_date": "2018-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c"
},
{
"cve": "CVE-2018-11506",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2018-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1583210"
}
],
"notes": [
{
"category": "description",
"text": "The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel allows local users to cause a denial of service via a stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11506"
},
{
"category": "external",
"summary": "RHBZ#1583210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11506",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11506"
}
],
"release_date": "2018-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact"
},
{
"cve": "CVE-2018-12232",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-06-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1590215"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference issue was found in the Linux kernel. If the close() and fchownat() system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "RHBZ#1590215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12232",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12232"
}
],
"release_date": "2018-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor"
},
{
"cve": "CVE-2018-13405",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1599161"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-13405"
},
{
"category": "external",
"summary": "RHBZ#1599161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-13405",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405"
}
],
"release_date": "2018-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members"
},
{
"acknowledgments": [
{
"names": [
"Florian Weimer",
"Ondrej Mosnacek"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2018-14619",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1622004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto subsystem that allowed an attacker \r\nto crash the system or possibly escalate privileges with a specially crafted program.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crash (possible privesc) in kernel crypto api.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14619"
},
{
"category": "external",
"summary": "RHBZ#1622004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14619",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14619"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14619",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14619"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc"
}
],
"release_date": "2018-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: crash (possible privesc) in kernel crypto api."
},
{
"cve": "CVE-2018-14641",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2018-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1629636"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14641"
},
{
"category": "external",
"summary": "RHBZ#1629636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629636"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14641"
}
],
"release_date": "2018-09-18T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()"
},
{
"cve": "CVE-2018-1000026",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1541846"
}
],
"notes": [
{
"category": "description",
"text": "Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service (DoS) attacks via a packet with a gso_size larger than ~9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as supported configurations are not affected.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000026"
},
{
"category": "external",
"summary": "RHBZ#1541846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000026"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026"
}
],
"release_date": "2018-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet"
},
{
"acknowledgments": [
{
"names": [
"David Rientjes"
],
"organization": "Google"
}
],
"cve": "CVE-2018-1000200",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568744"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel where an out of memory (oom) killing of a process that has large spans of mlocked memory can result in deferencing a NULL pointer, leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference on OOM kill of large mlocked process",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000200"
},
{
"category": "external",
"summary": "RHBZ#1568744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568744"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000200",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000200"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200"
}
],
"release_date": "2018-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference on OOM kill of large mlocked process"
},
{
"cve": "CVE-2018-1000204",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1589324"
}
],
"notes": [
{
"category": "description",
"text": "A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "RHBZ#1589324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000204",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204"
}
],
"release_date": "2018-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl"
}
]
}
gsd-2018-1065
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-1065",
"description": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"id": "GSD-2018-1065",
"references": [
"https://www.suse.com/security/cve/CVE-2018-1065.html",
"https://www.debian.org/security/2018/dsa-4188",
"https://access.redhat.com/errata/RHSA-2018:2948",
"https://ubuntu.com/security/CVE-2018-1065",
"https://advisories.mageia.org/CVE-2018-1065.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-1065"
],
"details": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"id": "GSD-2018-1065",
"modified": "2023-12-13T01:22:37.081829Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel 4.15.0-rc9",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Linux kernel 4.15.0-rc9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2018:2948",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "https://www.debian.org/security/2018/dsa-4188",
"refsource": "MISC",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"name": "http://lists.openwall.net/netdev/2018/01/27/46",
"refsource": "MISC",
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"name": "http://patchwork.ozlabs.org/patch/870355/",
"refsource": "MISC",
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"name": "http://www.securitytracker.com/id/1040446",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1040446"
},
{
"name": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"name": "https://usn.ubuntu.com/3654-1/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "https://usn.ubuntu.com/3654-2/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "https://usn.ubuntu.com/3656-1/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-1065"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"name": "http://patchwork.ozlabs.org/patch/870355/",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"name": "http://lists.openwall.net/netdev/2018/01/27/46",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"name": "1040446",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040446"
},
{
"name": "DSA-4188",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "USN-3654-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "USN-3654-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "USN-3656-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-02-13T04:53Z",
"publishedDate": "2018-03-02T08:29Z"
}
}
}
ghsa-cvp9-xf77-46mc
Vulnerability from github
Published
2022-05-14 02:03
Modified
2022-05-14 02:03
Severity ?
VLAI Severity ?
Details
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
{
"affected": [],
"aliases": [
"CVE-2018-1065"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-02T08:29:00Z",
"severity": "MODERATE"
},
"details": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"id": "GHSA-cvp9-xf77-46mc",
"modified": "2022-05-14T02:03:24Z",
"published": "2022-05-14T02:03:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1065"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2018-1065"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3654-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3654-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3656-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"type": "WEB",
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"type": "WEB",
"url": "http://patchwork.ozlabs.org/patch/870355"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040446"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2018-1065
Vulnerability from fkie_nvd
Published
2018-03-02 08:29
Modified
2024-11-21 03:59
Severity ?
Summary
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://lists.openwall.net/netdev/2018/01/27/46 | Third Party Advisory | |
| secalert@redhat.com | http://patchwork.ozlabs.org/patch/870355/ | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.securitytracker.com/id/1040446 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:2948 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1547824 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://usn.ubuntu.com/3654-1/ | ||
| secalert@redhat.com | https://usn.ubuntu.com/3654-2/ | ||
| secalert@redhat.com | https://usn.ubuntu.com/3656-1/ | ||
| secalert@redhat.com | https://www.debian.org/security/2018/dsa-4188 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.openwall.net/netdev/2018/01/27/46 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://patchwork.ozlabs.org/patch/870355/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040446 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2948 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1547824 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3654-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3654-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3656-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4188 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87875BCC-05C4-4C72-AB6B-5FD9E4E74521",
"versionEndIncluding": "4.15.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c."
},
{
"lang": "es",
"value": "El subsistema netfilter en el kernel de Linux, hasta la versi\u00f3n 4.15.7, gestiona de manera incorrecta el caso de una regla blob que contiene un salto pero carece de una cadena definida por el usuario. Esto permite que usuarios locales provoquen una denegaci\u00f3n de servicio (DoS) aprovechando las capacidades CAP_NET_RAW o CAP_NET_ADMIN, relacionadas con arpt_do_table en net/ipv4/netfilter/arp_tables.c, ipt_do_table en net/ipv4/netfilter/ip_tables.c y ip6t_do_table en net/ipv6/netfilter/ip6_tables.c."
}
],
"id": "CVE-2018-1065",
"lastModified": "2024-11-21T03:59:06.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-02T08:29:00.257",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040446"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.openwall.net/netdev/2018/01/27/46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://patchwork.ozlabs.org/patch/870355/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3656-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2018/dsa-4188"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…