Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-2991 (GCVE-0-2022-2991)
Vulnerability from cvelistv5
Published
2022-08-25 17:24
Modified
2024-08-03 00:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
References
| ► | URL | Tags | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:53:00.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in kernel 5.15-rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T17:24:41",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "Fixed in kernel 5.15-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2991",
"datePublished": "2022-08-25T17:24:41",
"dateReserved": "2022-08-25T00:00:00",
"dateUpdated": "2024-08-03T00:53:00.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-2991\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-08-25T18:15:10.363\",\"lastModified\":\"2024-11-21T07:02:02.830\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el subsistema LightNVM del kernel de Linux. El problema es debido a la falta de comprobaci\u00f3n apropiada de la longitud de los datos suministrados por el usuario antes de copiarlos en un b\u00fafer de longitud fija en la regi\u00f3n heap de la memoria. Esta vulnerabilidad permite a un atacante local escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto del kernel. El atacante debe obtener primero la capacidad de ejecutar c\u00f3digo con altos privilegios en el sistema objetivo para explotar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.15\",\"matchCriteriaId\":\"037A6DFB-B41D-4CC7-86C1-A201809B79C4\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-960/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-960/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
suse-su-2023:1983-1
Vulnerability from csaf_suse
Published
2023-04-25 11:05
Modified
2023-04-25 11:05
Summary
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
Description of the patch
This update for the Linux Kernel 5.3.18-150200_24_126 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
Patchnames
SUSE-2023-1983,SUSE-SLE-Live-Patching-12-SP5-2023-1983,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1985,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1990
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_126 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1983,SUSE-SLE-Live-Patching-12-SP5-2023-1983,SUSE-SLE-Module-Live-Patching-15-SP1-2023-1985,SUSE-SLE-Module-Live-Patching-15-SP2-2023-1990",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1983-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1983-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231983-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1983-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-April/028975.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203993",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "self",
"summary": "SUSE Bug 1207822",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "self",
"summary": "SUSE Bug 1208910",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-04-25T11:05:26Z",
"generator": {
"date": "2023-04-25T11:05:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1983-1",
"initial_release_date": "2023-04-25T11:05:26Z",
"revision_history": [
{
"date": "2023-04-25T11:05:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-122_124-default-11-2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T11:05:26Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T11:05:26Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_114-default-11-150100.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T11:05:26Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
}
]
}
suse-su-2023:1971-1
Vulnerability from csaf_suse
Published
2023-04-24 18:05
Modified
2023-04-24 18:05
Summary
Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)
Description of the patch
This update for the Linux Kernel 4.12.14-95_102 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
Patchnames
SUSE-2023-1971,SUSE-SLE-Live-Patching-12-SP4-2023-1971
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-95_102 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1971,SUSE-SLE-Live-Patching-12-SP4-2023-1971",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1971-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1971-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231971-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1971-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014564.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203993",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "self",
"summary": "SUSE Bug 1207822",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "self",
"summary": "SUSE Bug 1208910",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)",
"tracking": {
"current_release_date": "2023-04-24T18:05:38Z",
"generator": {
"date": "2023-04-24T18:05:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1971-1",
"initial_release_date": "2023-04-24T18:05:38Z",
"revision_history": [
{
"date": "2023-04-24T18:05:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-95_102-default-9-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T18:05:38Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T18:05:38Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T18:05:38Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
}
]
}
suse-su-2023:0852-1
Vulnerability from csaf_suse
Published
2023-03-21 12:36
Modified
2023-03-21 12:36
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
The following non-security bugs were fixed:
- kabi/severities: add l2tp local symbols
Patchnames
SUSE-2023-852,SUSE-OpenStack-Cloud-9-2023-852,SUSE-OpenStack-Cloud-Crowbar-9-2023-852,SUSE-SLE-HA-12-SP4-2023-852,SUSE-SLE-Live-Patching-12-SP4-2023-852,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-852,SUSE-SLE-SERVER-12-SP4-LTSS-2023-852
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).\n- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).\n- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n\nThe following non-security bugs were fixed:\n\n- kabi/severities: add l2tp local symbols\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-852,SUSE-OpenStack-Cloud-9-2023-852,SUSE-OpenStack-Cloud-Crowbar-9-2023-852,SUSE-SLE-HA-12-SP4-2023-852,SUSE-SLE-Live-Patching-12-SP4-2023-852,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-852,SUSE-SLE-SERVER-12-SP4-LTSS-2023-852",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0852-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0852-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0852-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014114.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1203331",
"url": "https://bugzilla.suse.com/1203331"
},
{
"category": "self",
"summary": "SUSE Bug 1203332",
"url": "https://bugzilla.suse.com/1203332"
},
{
"category": "self",
"summary": "SUSE Bug 1205711",
"url": "https://bugzilla.suse.com/1205711"
},
{
"category": "self",
"summary": "SUSE Bug 1207051",
"url": "https://bugzilla.suse.com/1207051"
},
{
"category": "self",
"summary": "SUSE Bug 1207773",
"url": "https://bugzilla.suse.com/1207773"
},
{
"category": "self",
"summary": "SUSE Bug 1207795",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "self",
"summary": "SUSE Bug 1208700",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "self",
"summary": "SUSE Bug 1209188",
"url": "https://bugzilla.suse.com/1209188"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-38096 page",
"url": "https://www.suse.com/security/cve/CVE-2022-38096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-03-21T12:36:10Z",
"generator": {
"date": "2023-03-21T12:36:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0852-1",
"initial_release_date": "2023-03-21T12:36:10Z",
"revision_history": [
{
"date": "2023-03-21T12:36:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-base-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-extra-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.aarch64",
"product_id": "kernel-obs-build-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64",
"product_id": "kernel-syms-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-devel-4.12.14-95.120.4.noarch",
"product_id": "kernel-devel-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-95.120.6.noarch",
"product": {
"name": "kernel-docs-4.12.14-95.120.6.noarch",
"product_id": "kernel-docs-4.12.14-95.120.6.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-95.120.6.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-95.120.6.noarch",
"product_id": "kernel-docs-html-4.12.14-95.120.6.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-macros-4.12.14-95.120.4.noarch",
"product_id": "kernel-macros-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-source-4.12.14-95.120.4.noarch",
"product_id": "kernel-source-4.12.14-95.120.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-95.120.4.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-95.120.4.noarch",
"product_id": "kernel-source-vanilla-4.12.14-95.120.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-extra-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-obs-build-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-syms-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-base-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-extra-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-default-man-4.12.14-95.120.4.s390x",
"product_id": "kernel-default-man-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.s390x",
"product_id": "kernel-obs-build-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.s390x",
"product_id": "kernel-syms-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-95.120.4.s390x",
"product_id": "kernel-zfcpdump-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "dlm-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-extra-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-95.120.4.x86_64",
"product_id": "kernel-obs-build-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.120.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.120.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-95.120.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64",
"product_id": "kernel-syms-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"product_id": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-95.120.4.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-espos:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-default-man-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.120.4.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch"
},
"product_reference": "kernel-source-4.12.14-95.120.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.120.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.120.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-36280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36280"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36280",
"url": "https://www.suse.com/security/cve/CVE-2022-36280"
},
{
"category": "external",
"summary": "SUSE Bug 1203332 for CVE-2022-36280",
"url": "https://bugzilla.suse.com/1203332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-38096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-38096"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-38096",
"url": "https://www.suse.com/security/cve/CVE-2022-38096"
},
{
"category": "external",
"summary": "SUSE Bug 1203331 for CVE-2022-38096",
"url": "https://bugzilla.suse.com/1203331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-4129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4129"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4129",
"url": "https://www.suse.com/security/cve/CVE-2022-4129"
},
{
"category": "external",
"summary": "SUSE Bug 1205711 for CVE-2022-4129",
"url": "https://bugzilla.suse.com/1205711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2023-0045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0045"
}
],
"notes": [
{
"category": "general",
"text": "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0045",
"url": "https://www.suse.com/security/cve/CVE-2023-0045"
},
{
"category": "external",
"summary": "SUSE Bug 1207773 for CVE-2023-0045",
"url": "https://bugzilla.suse.com/1207773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-23559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23559"
}
],
"notes": [
{
"category": "general",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23559",
"url": "https://www.suse.com/security/cve/CVE-2023-23559"
},
{
"category": "external",
"summary": "SUSE Bug 1207051 for CVE-2023-23559",
"url": "https://bugzilla.suse.com/1207051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4.x86_64",
"SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4.noarch",
"SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-21T12:36:10Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
suse-su-2023:0768-1
Vulnerability from csaf_suse
Published
2023-03-16 12:26
Modified
2023-03-16 12:26
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-0597: Fixed a lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
The following non-security bugs were fixed:
- kabi/severities: add l2tp local symbols
- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449, bsc#1204356, bsc#1204662).
- net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
Patchnames
SUSE-2023-768,SUSE-SLE-Module-Live-Patching-15-SP1-2023-768,SUSE-SLE-Product-HA-15-SP1-2023-768,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-768,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-768,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-768,openSUSE-SLE-15.4-2023-768
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).\n- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).\n- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)\n- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-0597: Fixed a lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n\nThe following non-security bugs were fixed:\n\n- kabi/severities: add l2tp local symbols\n- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449, bsc#1204356, bsc#1204662).\n- net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-768,SUSE-SLE-Module-Live-Patching-15-SP1-2023-768,SUSE-SLE-Product-HA-15-SP1-2023-768,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-768,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-768,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-768,openSUSE-SLE-15.4-2023-768",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0768-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0768-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230768-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0768-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014072.html"
},
{
"category": "self",
"summary": "SUSE Bug 1186449",
"url": "https://bugzilla.suse.com/1186449"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1203331",
"url": "https://bugzilla.suse.com/1203331"
},
{
"category": "self",
"summary": "SUSE Bug 1203332",
"url": "https://bugzilla.suse.com/1203332"
},
{
"category": "self",
"summary": "SUSE Bug 1204356",
"url": "https://bugzilla.suse.com/1204356"
},
{
"category": "self",
"summary": "SUSE Bug 1204662",
"url": "https://bugzilla.suse.com/1204662"
},
{
"category": "self",
"summary": "SUSE Bug 1205711",
"url": "https://bugzilla.suse.com/1205711"
},
{
"category": "self",
"summary": "SUSE Bug 1207051",
"url": "https://bugzilla.suse.com/1207051"
},
{
"category": "self",
"summary": "SUSE Bug 1207773",
"url": "https://bugzilla.suse.com/1207773"
},
{
"category": "self",
"summary": "SUSE Bug 1207795",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "self",
"summary": "SUSE Bug 1207845",
"url": "https://bugzilla.suse.com/1207845"
},
{
"category": "self",
"summary": "SUSE Bug 1207875",
"url": "https://bugzilla.suse.com/1207875"
},
{
"category": "self",
"summary": "SUSE Bug 1208700",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "self",
"summary": "SUSE Bug 1208837",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "self",
"summary": "SUSE Bug 1209188",
"url": "https://bugzilla.suse.com/1209188"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-38096 page",
"url": "https://www.suse.com/security/cve/CVE-2022-38096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-03-16T12:26:30Z",
"generator": {
"date": "2023-03-16T12:26:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0768-1",
"initial_release_date": "2023-03-16T12:26:30Z",
"revision_history": [
{
"date": "2023-03-16T12:26:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "dlm-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-base-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-extra-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-livepatch-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-150100.197.137.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-syms-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-syms-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-vanilla-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"product_id": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"product_id": "reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-devel-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-devel-4.12.14-150100.197.137.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-docs-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-docs-4.12.14-150100.197.137.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-docs-html-4.12.14-150100.197.137.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-macros-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-macros-4.12.14-150100.197.137.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-source-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-source-4.12.14-150100.197.137.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-150100.197.137.2.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-150100.197.137.2.noarch",
"product_id": "kernel-source-vanilla-4.12.14-150100.197.137.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-debug-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-debug-base-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-extra-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-150100.197.137.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-syms-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-vanilla-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"product_id": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "dlm-kmp-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "gfs2-kmp-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-base-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-devel-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-extra-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-livepatch-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-default-man-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-default-man-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-obs-build-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-150100.197.137.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-syms-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-syms-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-vanilla-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-vanilla-base-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-zfcpdump-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "kselftests-kmp-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"product": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"product_id": "reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "dlm-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-debug-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-debug-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-debug-base-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-debug-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-debug-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-base-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-extra-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-150100.197.137.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-150100.197.137.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-syms-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-syms-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-vanilla-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"product_id": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"product_id": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP1",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-devel-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-docs-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-macros-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-source-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-default-man-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-devel-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-docs-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-macros-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-source-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-devel-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-docs-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-macros-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-150100.197.137.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch"
},
"product_reference": "kernel-source-4.12.14-150100.197.137.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-syms-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-150100.197.137.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-default-man-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64"
},
"product_reference": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le"
},
"product_reference": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64"
},
"product_reference": "kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
},
"product_reference": "kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-36280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36280"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36280",
"url": "https://www.suse.com/security/cve/CVE-2022-36280"
},
{
"category": "external",
"summary": "SUSE Bug 1203332 for CVE-2022-36280",
"url": "https://bugzilla.suse.com/1203332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-38096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-38096"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-38096",
"url": "https://www.suse.com/security/cve/CVE-2022-38096"
},
{
"category": "external",
"summary": "SUSE Bug 1203331 for CVE-2022-38096",
"url": "https://bugzilla.suse.com/1203331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-4129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4129"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4129",
"url": "https://www.suse.com/security/cve/CVE-2022-4129"
},
{
"category": "external",
"summary": "SUSE Bug 1205711 for CVE-2022-4129",
"url": "https://bugzilla.suse.com/1205711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2023-0045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0045"
}
],
"notes": [
{
"category": "general",
"text": "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0045",
"url": "https://www.suse.com/security/cve/CVE-2023-0045"
},
{
"category": "external",
"summary": "SUSE Bug 1207773 for CVE-2023-0045",
"url": "https://bugzilla.suse.com/1207773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-0597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0597"
}
],
"notes": [
{
"category": "general",
"text": "A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0597",
"url": "https://www.suse.com/security/cve/CVE-2023-0597"
},
{
"category": "external",
"summary": "SUSE Bug 1207845 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1207845"
},
{
"category": "external",
"summary": "SUSE Bug 1212395 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1212395"
},
{
"category": "external",
"summary": "SUSE Bug 1213271 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1213271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-0597"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
},
{
"cve": "CVE-2023-23559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23559"
}
],
"notes": [
{
"category": "general",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23559",
"url": "https://www.suse.com/security/cve/CVE-2023-23559"
},
{
"category": "external",
"summary": "SUSE Bug 1207051 for CVE-2023-23559",
"url": "https://bugzilla.suse.com/1207051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_137-default-1-150100.3.3.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.137.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.137.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.aarch64",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.ppc64le",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.s390x",
"openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.137.2.x86_64",
"openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.137.2.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-16T12:26:30Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
suse-su-2023:2023-1
Vulnerability from csaf_suse
Published
2023-04-26 00:07
Modified
2023-04-26 00:07
Summary
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Description of the patch
This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
Patchnames
SUSE-2023-2023,SUSE-SLE-Live-Patching-12-SP4-2023-2023,SUSE-SLE-Live-Patching-12-SP5-2023-2020,SUSE-SLE-Module-Live-Patching-15-SP1-2023-2021
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2023,SUSE-SLE-Live-Patching-12-SP4-2023-2023,SUSE-SLE-Live-Patching-12-SP5-2023-2020,SUSE-SLE-Module-Live-Patching-15-SP1-2023-2021",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2023-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2023-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232023-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2023-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-April/028993.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203993",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "self",
"summary": "SUSE Bug 1207822",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "self",
"summary": "SUSE Bug 1208910",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2023-04-26T00:07:04Z",
"generator": {
"date": "2023-04-26T00:07:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2023-1",
"initial_release_date": "2023-04-26T00:07:04Z",
"revision_history": [
{
"date": "2023-04-26T00:07:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-95_99-default-11-2.2.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-122_127-default-9-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-26T00:07:04Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-26T00:07:04Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_99-default-11-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-9-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-26T00:07:04Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
}
]
}
suse-su-2025:0834-1
Vulnerability from csaf_suse
Published
2025-03-11 10:55
Modified
2025-03-11 10:55
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM (bsc#1186482).
- CVE-2021-47634: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl (bsc#1237758).
- CVE-2021-47644: media: staging: media: zoran: move videodev alloc (bsc#1237766).
- CVE-2022-48953: rtc: cmos: fix build on non-ACPI platforms (bsc#1231941).
- CVE-2022-48975: gpiolib: fix memory leak in gpiochip_setup_dev() (bsc#1231885).
- CVE-2022-49006: tracing: Free buffers when a used dynamic event is removed (bsc#1232163).
- CVE-2022-49076: RDMA/hfi1: Fix use-after-free bug for mm struct (bsc#1237738).
- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).
- CVE-2022-49089: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (bsc#1238041).
- CVE-2022-49124: x86/mce: Work around an erratum on fast string copy instructions (bsc#1238148).
- CVE-2022-49134: mlxsw: spectrum: Guard against invalid local ports (bsc#1237982).
- CVE-2022-49135: drm/amd/display: Fix memory leak (bsc#1238006).
- CVE-2022-49151: can: mcba_usb: properly check endpoint type (bsc#1237778).
- CVE-2022-49178: memstick/mspro_block: fix handling of read-only devices (bsc#1238107).
- CVE-2022-49182: net: hns3: add vlan list lock to protect vlan list (bsc#1238260).
- CVE-2022-49201: ibmvnic: fix race between xmit and reset (bsc#1238256).
- CVE-2022-49247: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (bsc#1237783).
- CVE-2022-49490: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is (bsc#1238275).
- CVE-2022-49626: sfc: fix use after free when disabling sriov (bsc#1238270).
- CVE-2022-49661: can: gs_usb: gs_usb_open/close(): fix memory leak (bsc#1237788).
- CVE-2023-52572: Fixed UAF in cifs_demultiplex_thread() in cifs (bsc#1220946).
- CVE-2023-52853: hid: cp2112: Fix duplicate workqueue initialization (bsc#1224988).
- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-49963: mailbox: bcm2835: Fix timeout during suspend mode (bsc#1232147).
- CVE-2024-49975: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1232104).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50067: uprobe: avoid out-of-bounds memory access of fetching args (bsc#1232416).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53217: nfsd: restore callback functionality for NFSv4.0 (bsc#1234999).
- CVE-2024-56633: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data (bsc#1235485).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56688: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (bsc#1235538).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21689: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (bsc#1237017).
- CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
The following non-security bugs were fixed:
- bpf: fix mixed signed/unsigned derived min/max value bounds (bsc#1050081).
- btrfs: add a flag to iterate_inodes_from_logical to find all
- btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents (bsc#1174206).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).
- drm/amd/powerplay: Fix missing break in switch (bsc#1120902)
- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).
- drm/i915: Restore planes after load detection (bsc#1051510).
- drm/i915: always return something on DDI clock selection (bsc#1120902)
- drm/msm/mdp5: Fix global state lock backoff (bsc#1238275)
- fix SCTP regression (bsc#1158082)
- fixup 'rpm: support gz and zst compression methods' once more (bsc#1190428, bsc#1190358).
- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).
- kABI: Add clear_trace to trace_array (bsc#1232163).
- kABI: Preserve TRACE_EVENT_FL values (bsc#1232163).
- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bnc#1101669).
- mm, numa: Remove rate-limiting of automatic numa balancing migration (bnc#1101669).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- powerpc/64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
- powerpc/papr_scm: Fix DIMM device registration race (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Fix DIMM device registration race (bsc#1113295, git-fixes).
- powerpc/papr_scm: Fix resource end address (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Fix resource end address (bsc#1113295, git-fixes).
- powerpc/papr_scm: Remove endian conversions (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Remove endian conversions (bsc#1113295, git-fixes).
- powerpc/papr_scm: Update DT properties (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Update DT properties (bsc#1113295, git-fixes).
- powerpc/papr_scm: Use depend instead of select (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Use depend instead of select (bsc#1113295, git-fixes).
- powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (FATE#326628, bsc#1113295, git-fixes).
- powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (bsc#1113295, git-fixes).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression
- rpm/kernel-source.spec.in: Add subpackage-names.conf as source.
- s390/cpum_cf: rename IBM z13/z14 counter names (FATE#326341, LTC#169491, bsc#1100823).
- s390/cpum_cf: rename IBM z13/z14 counter names (LTC#169491, bsc#1100823).
- s390/dasd: fix hanging offline processing due to canceled worker (bsc#1175165).
- sched/numa: Avoid task migration for small NUMA improvement (bnc#1101669).
- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bnc#1101669).
- sched/numa: Reset scan rate whenever task moves across nodes (bnc#1101669).
- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bnc#1101669).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: storvsc: Add validation for untrusted Hyper-V values (git-fixes).
- scsi: storvsc: Correctly handle multiple flags in srb_status (git-fixes).
- scsi: storvsc: Fix handling of srb_status and capacity change events (git-fixes).
- scsi: storvsc: Fix spelling mistake (git-fixes).
- scsi: storvsc: Handle SRB status value 0x30 (git-fixes).
- scsi: storvsc: Log TEST_UNIT_READY errors as warnings (git-fixes).
- scsi: storvsc: Miscellaneous code cleanups (git-fixes).
- scsi: storvsc: Return DID_ERROR for invalid commands (git-fixes).
- scsi: storvsc: Update error logging (git-fixes).
- scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git-fixes).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- tracing: Only have rmmod clear buffers that its events were active in (bsc#1232163).
- ubi: fastmap: Cancel work upon detach (bsc#1051510).
Patchnames
SUSE-2025-834,SUSE-SLE-HA-12-SP5-2025-834,SUSE-SLE-Live-Patching-12-SP5-2025-834,SUSE-SLE-SERVER-12-SP5-LTSS-2025-834,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-834
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM (bsc#1186482).\n- CVE-2021-47634: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl (bsc#1237758).\n- CVE-2021-47644: media: staging: media: zoran: move videodev alloc (bsc#1237766).\n- CVE-2022-48953: rtc: cmos: fix build on non-ACPI platforms (bsc#1231941).\n- CVE-2022-48975: gpiolib: fix memory leak in gpiochip_setup_dev() (bsc#1231885).\n- CVE-2022-49006: tracing: Free buffers when a used dynamic event is removed (bsc#1232163).\n- CVE-2022-49076: RDMA/hfi1: Fix use-after-free bug for mm struct (bsc#1237738).\n- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).\n- CVE-2022-49089: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (bsc#1238041).\n- CVE-2022-49124: x86/mce: Work around an erratum on fast string copy instructions (bsc#1238148).\n- CVE-2022-49134: mlxsw: spectrum: Guard against invalid local ports (bsc#1237982).\n- CVE-2022-49135: drm/amd/display: Fix memory leak (bsc#1238006).\n- CVE-2022-49151: can: mcba_usb: properly check endpoint type (bsc#1237778).\n- CVE-2022-49178: memstick/mspro_block: fix handling of read-only devices (bsc#1238107).\n- CVE-2022-49182: net: hns3: add vlan list lock to protect vlan list (bsc#1238260).\n- CVE-2022-49201: ibmvnic: fix race between xmit and reset (bsc#1238256).\n- CVE-2022-49247: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (bsc#1237783).\n- CVE-2022-49490: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is (bsc#1238275).\n- CVE-2022-49626: sfc: fix use after free when disabling sriov (bsc#1238270).\n- CVE-2022-49661: can: gs_usb: gs_usb_open/close(): fix memory leak (bsc#1237788).\n- CVE-2023-52572: Fixed UAF in cifs_demultiplex_thread() in cifs (bsc#1220946).\n- CVE-2023-52853: hid: cp2112: Fix duplicate workqueue initialization (bsc#1224988).\n- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).\n- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).\n- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).\n- CVE-2024-49963: mailbox: bcm2835: Fix timeout during suspend mode (bsc#1232147).\n- CVE-2024-49975: uprobes: fix kernel info leak via \u0027[uprobes]\u0027 vma (bsc#1232104).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50067: uprobe: avoid out-of-bounds memory access of fetching args (bsc#1232416).\n- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).\n- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).\n- CVE-2024-53217: nfsd: restore callback functionality for NFSv4.0 (bsc#1234999).\n- CVE-2024-56633: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data (bsc#1235485).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56658: net: defer final \u0027struct net\u0027 free in netns dismantle (bsc#1235441).\n- CVE-2024-56688: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (bsc#1235538).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current-\u003ensproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current-\u003ensproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy (bsc#1236123).\n- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).\n- CVE-2025-21689: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (bsc#1237017).\n- CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n\nThe following non-security bugs were fixed:\n\n- bpf: fix mixed signed/unsigned derived min/max value bounds (bsc#1050081).\n- btrfs: add a flag to iterate_inodes_from_logical to find all\n- btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents (bsc#1174206).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).\n- drm/amd/powerplay: Fix missing break in switch (bsc#1120902)\n- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).\n- drm/i915: Restore planes after load detection (bsc#1051510).\n- drm/i915: always return something on DDI clock selection (bsc#1120902)\n- drm/msm/mdp5: Fix global state lock backoff (bsc#1238275)\n- fix SCTP regression (bsc#1158082)\n- fixup \u0027rpm: support gz and zst compression methods\u0027 once more (bsc#1190428, bsc#1190358).\n- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).\n- kABI: Add clear_trace to trace_array (bsc#1232163).\n- kABI: Preserve TRACE_EVENT_FL values (bsc#1232163).\n- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bnc#1101669).\n- mm, numa: Remove rate-limiting of automatic numa balancing migration (bnc#1101669).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- powerpc/64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).\n- powerpc/papr_scm: Fix DIMM device registration race (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Fix DIMM device registration race (bsc#1113295, git-fixes).\n- powerpc/papr_scm: Fix resource end address (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Fix resource end address (bsc#1113295, git-fixes).\n- powerpc/papr_scm: Remove endian conversions (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Remove endian conversions (bsc#1113295, git-fixes).\n- powerpc/papr_scm: Update DT properties (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Update DT properties (bsc#1113295, git-fixes).\n- powerpc/papr_scm: Use depend instead of select (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Use depend instead of select (bsc#1113295, git-fixes).\n- powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (FATE#326628, bsc#1113295, git-fixes).\n- powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (bsc#1113295, git-fixes).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression\n- rpm/kernel-source.spec.in: Add subpackage-names.conf as source.\n- s390/cpum_cf: rename IBM z13/z14 counter names (FATE#326341, LTC#169491, bsc#1100823).\n- s390/cpum_cf: rename IBM z13/z14 counter names (LTC#169491, bsc#1100823).\n- s390/dasd: fix hanging offline processing due to canceled worker (bsc#1175165).\n- sched/numa: Avoid task migration for small NUMA improvement (bnc#1101669).\n- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bnc#1101669).\n- sched/numa: Reset scan rate whenever task moves across nodes (bnc#1101669).\n- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bnc#1101669).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: storvsc: Add validation for untrusted Hyper-V values (git-fixes).\n- scsi: storvsc: Correctly handle multiple flags in srb_status (git-fixes).\n- scsi: storvsc: Fix handling of srb_status and capacity change events (git-fixes).\n- scsi: storvsc: Fix spelling mistake (git-fixes).\n- scsi: storvsc: Handle SRB status value 0x30 (git-fixes).\n- scsi: storvsc: Log TEST_UNIT_READY errors as warnings (git-fixes).\n- scsi: storvsc: Miscellaneous code cleanups (git-fixes).\n- scsi: storvsc: Return DID_ERROR for invalid commands (git-fixes).\n- scsi: storvsc: Update error logging (git-fixes).\n- scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git-fixes).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- tracing: Only have rmmod clear buffers that its events were active in (bsc#1232163).\n- ubi: fastmap: Cancel work upon detach (bsc#1051510).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-834,SUSE-SLE-HA-12-SP5-2025-834,SUSE-SLE-Live-Patching-12-SP5-2025-834,SUSE-SLE-SERVER-12-SP5-LTSS-2025-834,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-834",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0834-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0834-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250834-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0834-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020497.html"
},
{
"category": "self",
"summary": "SUSE Bug 1050081",
"url": "https://bugzilla.suse.com/1050081"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1100823",
"url": "https://bugzilla.suse.com/1100823"
},
{
"category": "self",
"summary": "SUSE Bug 1101669",
"url": "https://bugzilla.suse.com/1101669"
},
{
"category": "self",
"summary": "SUSE Bug 1104731",
"url": "https://bugzilla.suse.com/1104731"
},
{
"category": "self",
"summary": "SUSE Bug 1112246",
"url": "https://bugzilla.suse.com/1112246"
},
{
"category": "self",
"summary": "SUSE Bug 1112894",
"url": "https://bugzilla.suse.com/1112894"
},
{
"category": "self",
"summary": "SUSE Bug 1112899",
"url": "https://bugzilla.suse.com/1112899"
},
{
"category": "self",
"summary": "SUSE Bug 1112902",
"url": "https://bugzilla.suse.com/1112902"
},
{
"category": "self",
"summary": "SUSE Bug 1112903",
"url": "https://bugzilla.suse.com/1112903"
},
{
"category": "self",
"summary": "SUSE Bug 1112905",
"url": "https://bugzilla.suse.com/1112905"
},
{
"category": "self",
"summary": "SUSE Bug 1112906",
"url": "https://bugzilla.suse.com/1112906"
},
{
"category": "self",
"summary": "SUSE Bug 1112907",
"url": "https://bugzilla.suse.com/1112907"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1120902",
"url": "https://bugzilla.suse.com/1120902"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1158082",
"url": "https://bugzilla.suse.com/1158082"
},
{
"category": "self",
"summary": "SUSE Bug 1174206",
"url": "https://bugzilla.suse.com/1174206"
},
{
"category": "self",
"summary": "SUSE Bug 1175165",
"url": "https://bugzilla.suse.com/1175165"
},
{
"category": "self",
"summary": "SUSE Bug 1179444",
"url": "https://bugzilla.suse.com/1179444"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1188601",
"url": "https://bugzilla.suse.com/1188601"
},
{
"category": "self",
"summary": "SUSE Bug 1190358",
"url": "https://bugzilla.suse.com/1190358"
},
{
"category": "self",
"summary": "SUSE Bug 1190428",
"url": "https://bugzilla.suse.com/1190428"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1203410",
"url": "https://bugzilla.suse.com/1203410"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1207168",
"url": "https://bugzilla.suse.com/1207168"
},
{
"category": "self",
"summary": "SUSE Bug 1212051",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "self",
"summary": "SUSE Bug 1217947",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "self",
"summary": "SUSE Bug 1219169",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "self",
"summary": "SUSE Bug 1220946",
"url": "https://bugzilla.suse.com/1220946"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1222803",
"url": "https://bugzilla.suse.com/1222803"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223524",
"url": "https://bugzilla.suse.com/1223524"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1224095",
"url": "https://bugzilla.suse.com/1224095"
},
{
"category": "self",
"summary": "SUSE Bug 1224988",
"url": "https://bugzilla.suse.com/1224988"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1231885",
"url": "https://bugzilla.suse.com/1231885"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231941",
"url": "https://bugzilla.suse.com/1231941"
},
{
"category": "self",
"summary": "SUSE Bug 1232104",
"url": "https://bugzilla.suse.com/1232104"
},
{
"category": "self",
"summary": "SUSE Bug 1232147",
"url": "https://bugzilla.suse.com/1232147"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232163",
"url": "https://bugzilla.suse.com/1232163"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232262",
"url": "https://bugzilla.suse.com/1232262"
},
{
"category": "self",
"summary": "SUSE Bug 1232416",
"url": "https://bugzilla.suse.com/1232416"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1233248",
"url": "https://bugzilla.suse.com/1233248"
},
{
"category": "self",
"summary": "SUSE Bug 1233522",
"url": "https://bugzilla.suse.com/1233522"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1234999",
"url": "https://bugzilla.suse.com/1234999"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235435",
"url": "https://bugzilla.suse.com/1235435"
},
{
"category": "self",
"summary": "SUSE Bug 1235441",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235538",
"url": "https://bugzilla.suse.com/1235538"
},
{
"category": "self",
"summary": "SUSE Bug 1235965",
"url": "https://bugzilla.suse.com/1235965"
},
{
"category": "self",
"summary": "SUSE Bug 1236115",
"url": "https://bugzilla.suse.com/1236115"
},
{
"category": "self",
"summary": "SUSE Bug 1236122",
"url": "https://bugzilla.suse.com/1236122"
},
{
"category": "self",
"summary": "SUSE Bug 1236123",
"url": "https://bugzilla.suse.com/1236123"
},
{
"category": "self",
"summary": "SUSE Bug 1236689",
"url": "https://bugzilla.suse.com/1236689"
},
{
"category": "self",
"summary": "SUSE Bug 1236757",
"url": "https://bugzilla.suse.com/1236757"
},
{
"category": "self",
"summary": "SUSE Bug 1236761",
"url": "https://bugzilla.suse.com/1236761"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1237017",
"url": "https://bugzilla.suse.com/1237017"
},
{
"category": "self",
"summary": "SUSE Bug 1237025",
"url": "https://bugzilla.suse.com/1237025"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237738",
"url": "https://bugzilla.suse.com/1237738"
},
{
"category": "self",
"summary": "SUSE Bug 1237758",
"url": "https://bugzilla.suse.com/1237758"
},
{
"category": "self",
"summary": "SUSE Bug 1237766",
"url": "https://bugzilla.suse.com/1237766"
},
{
"category": "self",
"summary": "SUSE Bug 1237778",
"url": "https://bugzilla.suse.com/1237778"
},
{
"category": "self",
"summary": "SUSE Bug 1237783",
"url": "https://bugzilla.suse.com/1237783"
},
{
"category": "self",
"summary": "SUSE Bug 1237788",
"url": "https://bugzilla.suse.com/1237788"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237982",
"url": "https://bugzilla.suse.com/1237982"
},
{
"category": "self",
"summary": "SUSE Bug 1238006",
"url": "https://bugzilla.suse.com/1238006"
},
{
"category": "self",
"summary": "SUSE Bug 1238033",
"url": "https://bugzilla.suse.com/1238033"
},
{
"category": "self",
"summary": "SUSE Bug 1238041",
"url": "https://bugzilla.suse.com/1238041"
},
{
"category": "self",
"summary": "SUSE Bug 1238107",
"url": "https://bugzilla.suse.com/1238107"
},
{
"category": "self",
"summary": "SUSE Bug 1238148",
"url": "https://bugzilla.suse.com/1238148"
},
{
"category": "self",
"summary": "SUSE Bug 1238256",
"url": "https://bugzilla.suse.com/1238256"
},
{
"category": "self",
"summary": "SUSE Bug 1238260",
"url": "https://bugzilla.suse.com/1238260"
},
{
"category": "self",
"summary": "SUSE Bug 1238270",
"url": "https://bugzilla.suse.com/1238270"
},
{
"category": "self",
"summary": "SUSE Bug 1238275",
"url": "https://bugzilla.suse.com/1238275"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37159 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47634 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47644 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48953 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48975 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49006 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49076 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49080 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49089 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49124 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49134 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49135 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49151 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49178 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49182 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49247 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49490 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49661 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0394 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52572 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52853 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6606 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27397 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50304 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53217 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56647 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56688 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21638 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21690 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-03-11T10:55:11Z",
"generator": {
"date": "2025-03-11T10:55:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0834-1",
"initial_release_date": "2025-03-11T10:55:11Z",
"revision_history": [
{
"date": "2025-03-11T10:55:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.250.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.250.1.aarch64",
"product_id": "kernel-default-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.250.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.250.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.250.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.250.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.250.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.250.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.250.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.250.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.250.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.250.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.250.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.250.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.250.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.250.1.noarch",
"product_id": "kernel-devel-4.12.14-122.250.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.250.1.noarch",
"product_id": "kernel-docs-4.12.14-122.250.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.250.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.250.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.250.1.noarch",
"product_id": "kernel-macros-4.12.14-122.250.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.250.1.noarch",
"product_id": "kernel-source-4.12.14-122.250.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.250.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.250.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.250.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.250.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.250.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.250.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.250.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.250.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.250.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.250.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.250.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.250.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.250.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.250.1.s390x",
"product_id": "kernel-syms-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.250.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.250.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.250.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.250.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.250.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.250.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.250.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.250.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.250.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.250.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.250.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.250.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.250.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.250.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.250.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.250.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.250.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.250.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.250.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.250.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.250.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.250.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.250.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.250.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.250.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.250.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.250.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.250.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-37159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37159"
}
],
"notes": [
{
"category": "general",
"text": "hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37159",
"url": "https://www.suse.com/security/cve/CVE-2021-37159"
},
{
"category": "external",
"summary": "SUSE Bug 1188601 for CVE-2021-37159",
"url": "https://bugzilla.suse.com/1188601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2021-37159"
},
{
"cve": "CVE-2021-47634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl\n\nHulk Robot reported a KASAN report about use-after-free:\n ==================================================================\n BUG: KASAN: use-after-free in __list_del_entry_valid+0x13d/0x160\n Read of size 8 at addr ffff888035e37d98 by task ubiattach/1385\n [...]\n Call Trace:\n klist_dec_and_del+0xa7/0x4a0\n klist_put+0xc7/0x1a0\n device_del+0x4d4/0xed0\n cdev_device_del+0x1a/0x80\n ubi_attach_mtd_dev+0x2951/0x34b0 [ubi]\n ctrl_cdev_ioctl+0x286/0x2f0 [ubi]\n\n Allocated by task 1414:\n device_add+0x60a/0x18b0\n cdev_device_add+0x103/0x170\n ubi_create_volume+0x1118/0x1a10 [ubi]\n ubi_cdev_ioctl+0xb7f/0x1ba0 [ubi]\n\n Freed by task 1385:\n cdev_device_del+0x1a/0x80\n ubi_remove_volume+0x438/0x6c0 [ubi]\n ubi_cdev_ioctl+0xbf4/0x1ba0 [ubi]\n [...]\n ==================================================================\n\nThe lock held by ctrl_cdev_ioctl is ubi_devices_mutex, but the lock held\nby ubi_cdev_ioctl is ubi-\u003edevice_mutex. Therefore, the two locks can be\nconcurrent.\n\nctrl_cdev_ioctl contains two operations: ubi_attach and ubi_detach.\nubi_detach is bug-free because it uses reference counting to prevent\nconcurrency. However, uif_init and uif_close in ubi_attach may race with\nubi_cdev_ioctl.\n\nuif_init will race with ubi_cdev_ioctl as in the following stack.\n cpu1 cpu2 cpu3\n_______________________|________________________|______________________\nctrl_cdev_ioctl\n ubi_attach_mtd_dev\n uif_init\n ubi_cdev_ioctl\n ubi_create_volume\n cdev_device_add\n ubi_add_volume\n // sysfs exist\n kill_volumes\n ubi_cdev_ioctl\n ubi_remove_volume\n cdev_device_del\n // first free\n ubi_free_volume\n cdev_del\n // double free\n cdev_device_del\n\nAnd uif_close will race with ubi_cdev_ioctl as in the following stack.\n cpu1 cpu2 cpu3\n_______________________|________________________|______________________\nctrl_cdev_ioctl\n ubi_attach_mtd_dev\n uif_init\n ubi_cdev_ioctl\n ubi_create_volume\n cdev_device_add\n ubi_debugfs_init_dev\n //error goto out_uif;\n uif_close\n kill_volumes\n ubi_cdev_ioctl\n ubi_remove_volume\n cdev_device_del\n // first free\n ubi_free_volume\n // double free\n\nThe cause of this problem is that commit 714fb87e8bc0 make device\n\"available\" before it becomes accessible via sysfs. Therefore, we\nroll back the modification. We will fix the race condition between\nubi device creation and udev by removing ubi_get_device in\nvol_attribute_show and dev_attribute_show.This avoids accessing\nuninitialized ubi_devices[ubi_num].\n\nubi_get_device is used to prevent devices from being deleted during\nsysfs execution. However, now kernfs ensures that devices will not\nbe deleted before all reference counting are released.\nThe key process is shown in the following stack.\n\ndevice_del\n device_remove_attrs\n device_remove_groups\n sysfs_remove_groups\n sysfs_remove_group\n remove_files\n kernfs_remove_by_name\n kernfs_remove_by_name_ns\n __kernfs_remove\n kernfs_drain",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47634",
"url": "https://www.suse.com/security/cve/CVE-2021-47634"
},
{
"category": "external",
"summary": "SUSE Bug 1237758 for CVE-2021-47634",
"url": "https://bugzilla.suse.com/1237758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2021-47634"
},
{
"cve": "CVE-2021-47644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: staging: media: zoran: move videodev alloc\n\nMove some code out of zr36057_init() and create new functions for handling\nzr-\u003evideo_dev. This permit to ease code reading and fix a zr-\u003evideo_dev\nmemory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47644",
"url": "https://www.suse.com/security/cve/CVE-2021-47644"
},
{
"category": "external",
"summary": "SUSE Bug 1237766 for CVE-2021-47644",
"url": "https://bugzilla.suse.com/1237766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "low"
}
],
"title": "CVE-2021-47644"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix hang during unmount when stopping a space reclaim worker\n\nOften when running generic/562 from fstests we can hang during unmount,\nresulting in a trace like this:\n\n Sep 07 11:52:00 debian9 unknown: run fstests generic/562 at 2022-09-07 11:52:00\n Sep 07 11:55:32 debian9 kernel: INFO: task umount:49438 blocked for more than 120 seconds.\n Sep 07 11:55:32 debian9 kernel: Not tainted 6.0.0-rc2-btrfs-next-122 #1\n Sep 07 11:55:32 debian9 kernel: \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n Sep 07 11:55:32 debian9 kernel: task:umount state:D stack: 0 pid:49438 ppid: 25683 flags:0x00004000\n Sep 07 11:55:32 debian9 kernel: Call Trace:\n Sep 07 11:55:32 debian9 kernel: \u003cTASK\u003e\n Sep 07 11:55:32 debian9 kernel: __schedule+0x3c8/0xec0\n Sep 07 11:55:32 debian9 kernel: ? rcu_read_lock_sched_held+0x12/0x70\n Sep 07 11:55:32 debian9 kernel: schedule+0x5d/0xf0\n Sep 07 11:55:32 debian9 kernel: schedule_timeout+0xf1/0x130\n Sep 07 11:55:32 debian9 kernel: ? lock_release+0x224/0x4a0\n Sep 07 11:55:32 debian9 kernel: ? lock_acquired+0x1a0/0x420\n Sep 07 11:55:32 debian9 kernel: ? trace_hardirqs_on+0x2c/0xd0\n Sep 07 11:55:32 debian9 kernel: __wait_for_common+0xac/0x200\n Sep 07 11:55:32 debian9 kernel: ? usleep_range_state+0xb0/0xb0\n Sep 07 11:55:32 debian9 kernel: __flush_work+0x26d/0x530\n Sep 07 11:55:32 debian9 kernel: ? flush_workqueue_prep_pwqs+0x140/0x140\n Sep 07 11:55:32 debian9 kernel: ? trace_clock_local+0xc/0x30\n Sep 07 11:55:32 debian9 kernel: __cancel_work_timer+0x11f/0x1b0\n Sep 07 11:55:32 debian9 kernel: ? close_ctree+0x12b/0x5b3 [btrfs]\n Sep 07 11:55:32 debian9 kernel: ? __trace_bputs+0x10b/0x170\n Sep 07 11:55:32 debian9 kernel: close_ctree+0x152/0x5b3 [btrfs]\n Sep 07 11:55:32 debian9 kernel: ? evict_inodes+0x166/0x1c0\n Sep 07 11:55:32 debian9 kernel: generic_shutdown_super+0x71/0x120\n Sep 07 11:55:32 debian9 kernel: kill_anon_super+0x14/0x30\n Sep 07 11:55:32 debian9 kernel: btrfs_kill_super+0x12/0x20 [btrfs]\n Sep 07 11:55:32 debian9 kernel: deactivate_locked_super+0x2e/0xa0\n Sep 07 11:55:32 debian9 kernel: cleanup_mnt+0x100/0x160\n Sep 07 11:55:32 debian9 kernel: task_work_run+0x59/0xa0\n Sep 07 11:55:32 debian9 kernel: exit_to_user_mode_prepare+0x1a6/0x1b0\n Sep 07 11:55:32 debian9 kernel: syscall_exit_to_user_mode+0x16/0x40\n Sep 07 11:55:32 debian9 kernel: do_syscall_64+0x48/0x90\n Sep 07 11:55:32 debian9 kernel: entry_SYSCALL_64_after_hwframe+0x63/0xcd\n Sep 07 11:55:32 debian9 kernel: RIP: 0033:0x7fcde59a57a7\n Sep 07 11:55:32 debian9 kernel: RSP: 002b:00007ffe914217c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n Sep 07 11:55:32 debian9 kernel: RAX: 0000000000000000 RBX: 00007fcde5ae8264 RCX: 00007fcde59a57a7\n Sep 07 11:55:32 debian9 kernel: RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b57556cdd0\n Sep 07 11:55:32 debian9 kernel: RBP: 000055b57556cba0 R08: 0000000000000000 R09: 00007ffe91420570\n Sep 07 11:55:32 debian9 kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n Sep 07 11:55:32 debian9 kernel: R13: 000055b57556cdd0 R14: 000055b57556ccb8 R15: 0000000000000000\n Sep 07 11:55:32 debian9 kernel: \u003c/TASK\u003e\n\nWhat happens is the following:\n\n1) The cleaner kthread tries to start a transaction to delete an unused\n block group, but the metadata reservation can not be satisfied right\n away, so a reservation ticket is created and it starts the async\n metadata reclaim task (fs_info-\u003easync_reclaim_work);\n\n2) Writeback for all the filler inodes with an i_size of 2K starts\n (generic/562 creates a lot of 2K files with the goal of filling\n metadata space). We try to create an inline extent for them, but we\n fail when trying to insert the inline extent with -ENOSPC (at\n cow_file_range_inline()) - since this is not critical, we fallback\n to non-inline mode (back to cow_file_range()), reserve extents\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48664",
"url": "https://www.suse.com/security/cve/CVE-2022-48664"
},
{
"category": "external",
"summary": "SUSE Bug 1223524 for CVE-2022-48664",
"url": "https://bugzilla.suse.com/1223524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-48664"
},
{
"cve": "CVE-2022-48953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: cmos: Fix event handler registration ordering issue\n\nBecause acpi_install_fixed_event_handler() enables the event\nautomatically on success, it is incorrect to call it before the\nhandler routine passed to it is ready to handle events.\n\nUnfortunately, the rtc-cmos driver does exactly the incorrect thing\nby calling cmos_wake_setup(), which passes rtc_handler() to\nacpi_install_fixed_event_handler(), before cmos_do_probe(), because\nrtc_handler() uses dev_get_drvdata() to get to the cmos object\npointer and the driver data pointer is only populated in\ncmos_do_probe().\n\nThis leads to a NULL pointer dereference in rtc_handler() on boot\nif the RTC fixed event happens to be active at the init time.\n\nTo address this issue, change the initialization ordering of the\ndriver so that cmos_wake_setup() is always called after a successful\ncmos_do_probe() call.\n\nWhile at it, change cmos_pnp_probe() to call cmos_do_probe() after\nthe initial if () statement used for computing the IRQ argument to\nbe passed to cmos_do_probe() which is cleaner than calling it in\neach branch of that if () (local variable \"irq\" can be of type int,\nbecause it is passed to that function as an argument of type int).\n\nNote that commit 6492fed7d8c9 (\"rtc: rtc-cmos: Do not check\nACPI_FADT_LOW_POWER_S0\") caused this issue to affect a larger number\nof systems, because previously it only affected systems with\nACPI_FADT_LOW_POWER_S0 set, but it is present regardless of that\ncommit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48953",
"url": "https://www.suse.com/security/cve/CVE-2022-48953"
},
{
"category": "external",
"summary": "SUSE Bug 1231941 for CVE-2022-48953",
"url": "https://bugzilla.suse.com/1231941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-48953"
},
{
"cve": "CVE-2022-48975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: fix memory leak in gpiochip_setup_dev()\n\nHere is a backtrace report about memory leak detected in\ngpiochip_setup_dev():\n\nunreferenced object 0xffff88810b406400 (size 512):\n comm \"python3\", pid 1682, jiffies 4295346908 (age 24.090s)\n backtrace:\n kmalloc_trace\n device_add\t\tdevice_private_init at drivers/base/core.c:3361\n\t\t\t(inlined by) device_add at drivers/base/core.c:3411\n cdev_device_add\n gpiolib_cdev_register\n gpiochip_setup_dev\n gpiochip_add_data_with_key\n\ngcdev_register() \u0026 gcdev_unregister() would call device_add() \u0026\ndevice_del() (no matter CONFIG_GPIO_CDEV is enabled or not) to\nregister/unregister device.\n\nHowever, if device_add() succeeds, some resource (like\nstruct device_private allocated by device_private_init())\nis not released by device_del().\n\nTherefore, after device_add() succeeds by gcdev_register(), it\nneeds to call put_device() to release resource in the error handle\npath.\n\nHere we move forward the register of release function, and let it\nrelease every piece of resource by put_device() instead of kfree().\n\nWhile at it, fix another subtle issue, i.e. when gc-\u003engpio is equal\nto 0, we still call kcalloc() and, in case of further error, kfree()\non the ZERO_PTR pointer, which is not NULL. It\u0027s not a bug per se,\nbut rather waste of the resources and potentially wrong expectation\nabout contents of the gdev-\u003edescs variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48975",
"url": "https://www.suse.com/security/cve/CVE-2022-48975"
},
{
"category": "external",
"summary": "SUSE Bug 1231885 for CVE-2022-48975",
"url": "https://bugzilla.suse.com/1231885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-48975"
},
{
"cve": "CVE-2022-49006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Free buffers when a used dynamic event is removed\n\nAfter 65536 dynamic events have been added and removed, the \"type\" field\nof the event then uses the first type number that is available (not\ncurrently used by other events). A type number is the identifier of the\nbinary blobs in the tracing ring buffer (known as events) to map them to\nlogic that can parse the binary blob.\n\nThe issue is that if a dynamic event (like a kprobe event) is traced and\nis in the ring buffer, and then that event is removed (because it is\ndynamic, which means it can be created and destroyed), if another dynamic\nevent is created that has the same number that new event\u0027s logic on\nparsing the binary blob will be used.\n\nTo show how this can be an issue, the following can crash the kernel:\n\n # cd /sys/kernel/tracing\n # for i in `seq 65536`; do\n echo \u0027p:kprobes/foo do_sys_openat2 $arg1:u32\u0027 \u003e kprobe_events\n # done\n\nFor every iteration of the above, the writing to the kprobe_events will\nremove the old event and create a new one (with the same format) and\nincrease the type number to the next available on until the type number\nreaches over 65535 which is the max number for the 16 bit type. After it\nreaches that number, the logic to allocate a new number simply looks for\nthe next available number. When an dynamic event is removed, that number\nis then available to be reused by the next dynamic event created. That is,\nonce the above reaches the max number, the number assigned to the event in\nthat loop will remain the same.\n\nNow that means deleting one dynamic event and created another will reuse\nthe previous events type number. This is where bad things can happen.\nAfter the above loop finishes, the kprobes/foo event which reads the\ndo_sys_openat2 function call\u0027s first parameter as an integer.\n\n # echo 1 \u003e kprobes/foo/enable\n # cat /etc/passwd \u003e /dev/null\n # cat trace\n cat-2211 [005] .... 2007.849603: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196\n cat-2211 [005] .... 2007.849620: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196\n cat-2211 [005] .... 2007.849838: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196\n cat-2211 [005] .... 2007.849880: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196\n # echo 0 \u003e kprobes/foo/enable\n\nNow if we delete the kprobe and create a new one that reads a string:\n\n # echo \u0027p:kprobes/foo do_sys_openat2 +0($arg2):string\u0027 \u003e kprobe_events\n\nAnd now we can the trace:\n\n # cat trace\n sendmail-1942 [002] ..... 530.136320: foo: (do_sys_openat2+0x0/0x240) arg1= cat-2046 [004] ..... 530.930817: foo: (do_sys_openat2+0x0/0x240) arg1=\"\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\"\n cat-2046 [004] ..... 530.930961: foo: (do_sys_openat2+0x0/0x240) arg1=\"\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\"\n cat-2046 [004] ..... 530.934278: foo: (do_sys_openat2+0x0/0x240) arg1=\"\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\"\n cat-2046 [004] ..... 530.934563: foo: (do_sys_openat2+0x0/0x240) arg1=\"\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49006",
"url": "https://www.suse.com/security/cve/CVE-2022-49006"
},
{
"category": "external",
"summary": "SUSE Bug 1232163 for CVE-2022-49006",
"url": "https://bugzilla.suse.com/1232163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49006"
},
{
"cve": "CVE-2022-49076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: Fix use-after-free bug for mm struct\n\nUnder certain conditions, such as MPI_Abort, the hfi1 cleanup code may\nrepresent the last reference held on the task mm.\nhfi1_mmu_rb_unregister() then drops the last reference and the mm is freed\nbefore the final use in hfi1_release_user_pages(). A new task may\nallocate the mm structure while it is still being used, resulting in\nproblems. One manifestation is corruption of the mmap_sem counter leading\nto a hang in down_write(). Another is corruption of an mm struct that is\nin use by another task.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49076",
"url": "https://www.suse.com/security/cve/CVE-2022-49076"
},
{
"category": "external",
"summary": "SUSE Bug 1237738 for CVE-2022-49076",
"url": "https://bugzilla.suse.com/1237738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49076"
},
{
"cve": "CVE-2022-49080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix mpol_new leak in shared_policy_replace\n\nIf mpol_new is allocated but not used in restart loop, mpol_new will be\nfreed via mpol_put before returning to the caller. But refcnt is not\ninitialized yet, so mpol_put could not do the right things and might\nleak the unused mpol_new. This would happen if mempolicy was updated on\nthe shared shmem file while the sp-\u003elock has been dropped during the\nmemory allocation.\n\nThis issue could be triggered easily with the below code snippet if\nthere are many processes doing the below work at the same time:\n\n shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT);\n shm = shmat(shmid, 0, 0);\n loop many times {\n mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0);\n mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask,\n maxnode, 0);\n }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49080",
"url": "https://www.suse.com/security/cve/CVE-2022-49080"
},
{
"category": "external",
"summary": "SUSE Bug 1238033 for CVE-2022-49080",
"url": "https://bugzilla.suse.com/1238033"
},
{
"category": "external",
"summary": "SUSE Bug 1238324 for CVE-2022-49080",
"url": "https://bugzilla.suse.com/1238324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2022-49080"
},
{
"cve": "CVE-2022-49089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition\n\nThe documentation of the function rvt_error_qp says both r_lock and s_lock\nneed to be held when calling that function. It also asserts using lockdep\nthat both of those locks are held. However, the commit I referenced in\nFixes accidentally makes the call to rvt_error_qp in rvt_ruc_loopback no\nlonger covered by r_lock. This results in the lockdep assertion failing\nand also possibly in a race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49089",
"url": "https://www.suse.com/security/cve/CVE-2022-49089"
},
{
"category": "external",
"summary": "SUSE Bug 1238041 for CVE-2022-49089",
"url": "https://bugzilla.suse.com/1238041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49089"
},
{
"cve": "CVE-2022-49124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mce: Work around an erratum on fast string copy instructions\n\nA rare kernel panic scenario can happen when the following conditions\nare met due to an erratum on fast string copy instructions:\n\n1) An uncorrected error.\n2) That error must be in first cache line of a page.\n3) Kernel must execute page_copy from the page immediately before that\npage.\n\nThe fast string copy instructions (\"REP; MOVS*\") could consume an\nuncorrectable memory error in the cache line _right after_ the desired\nregion to copy and raise an MCE.\n\nBit 0 of MSR_IA32_MISC_ENABLE can be cleared to disable fast string\ncopy and will avoid such spurious machine checks. However, that is less\npreferable due to the permanent performance impact. Considering memory\npoison is rare, it\u0027s desirable to keep fast string copy enabled until an\nMCE is seen.\n\nIntel has confirmed the following:\n1. The CPU erratum of fast string copy only applies to Skylake,\nCascade Lake and Cooper Lake generations.\n\nDirectly return from the MCE handler:\n2. Will result in complete execution of the \"REP; MOVS*\" with no data\nloss or corruption.\n3. Will not result in another MCE firing on the next poisoned cache line\ndue to \"REP; MOVS*\".\n4. Will resume execution from a correct point in code.\n5. Will result in the same instruction that triggered the MCE firing a\nsecond MCE immediately for any other software recoverable data fetch\nerrors.\n6. Is not safe without disabling the fast string copy, as the next fast\nstring copy of the same buffer on the same CPU would result in a PANIC\nMCE.\n\nThis should mitigate the erratum completely with the only caveat that\nthe fast string copy is disabled on the affected hyper thread thus\nperformance degradation.\n\nThis is still better than the OS crashing on MCEs raised on an\nirrelevant process due to \"REP; MOVS*\u0027 accesses in a kernel context,\ne.g., copy_page.\n\n\nInjected errors on 1st cache line of 8 anonymous pages of process\n\u0027proc1\u0027 and observed MCE consumption from \u0027proc2\u0027 with no panic\n(directly returned).\n\nWithout the fix, the host panicked within a few minutes on a\nrandom \u0027proc2\u0027 process due to kernel access from copy_page.\n\n [ bp: Fix comment style + touch ups, zap an unlikely(), improve the\n quirk function\u0027s readability. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49124",
"url": "https://www.suse.com/security/cve/CVE-2022-49124"
},
{
"category": "external",
"summary": "SUSE Bug 1238148 for CVE-2022-49124",
"url": "https://bugzilla.suse.com/1238148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49124"
},
{
"cve": "CVE-2022-49134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum: Guard against invalid local ports\n\nWhen processing events generated by the device\u0027s firmware, the driver\nprotects itself from events reported for non-existent local ports, but\nnot for the CPU port (local port 0), which exists, but does not have all\nthe fields as any local port.\n\nThis can result in a NULL pointer dereference when trying access\n\u0027struct mlxsw_sp_port\u0027 fields which are not initialized for CPU port.\n\nCommit 63b08b1f6834 (\"mlxsw: spectrum: Protect driver from buggy firmware\")\nalready handled such issue by bailing early when processing a PUDE event\nreported for the CPU port.\n\nGeneralize the approach by moving the check to a common function and\nmaking use of it in all relevant places.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49134",
"url": "https://www.suse.com/security/cve/CVE-2022-49134"
},
{
"category": "external",
"summary": "SUSE Bug 1237982 for CVE-2022-49134",
"url": "https://bugzilla.suse.com/1237982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49134"
},
{
"cve": "CVE-2022-49135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix memory leak\n\n[why]\nResource release is needed on the error handling path\nto prevent memory leak.\n\n[how]\nFix this by adding kfree on the error handling path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49135",
"url": "https://www.suse.com/security/cve/CVE-2022-49135"
},
{
"category": "external",
"summary": "SUSE Bug 1238006 for CVE-2022-49135",
"url": "https://bugzilla.suse.com/1238006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49135"
},
{
"cve": "CVE-2022-49151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: properly check endpoint type\n\nSyzbot reported warning in usb_submit_urb() which is caused by wrong\nendpoint type. We should check that in endpoint is actually present to\nprevent this warning.\n\nFound pipes are now saved to struct mcba_priv and code uses them\ndirectly instead of making pipes in place.\n\nFail log:\n\n| usb 5-1: BOGUS urb xfer, pipe 3 != type 1\n| WARNING: CPU: 1 PID: 49 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| Modules linked in:\n| CPU: 1 PID: 49 Comm: kworker/1:2 Not tainted 5.17.0-rc6-syzkaller-00184-g38f80f42147f #0\n| Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\n| Workqueue: usb_hub_wq hub_event\n| RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| ...\n| Call Trace:\n| \u003cTASK\u003e\n| mcba_usb_start drivers/net/can/usb/mcba_usb.c:662 [inline]\n| mcba_usb_probe+0x8a3/0xc50 drivers/net/can/usb/mcba_usb.c:858\n| usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396\n| call_driver_probe drivers/base/dd.c:517 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49151",
"url": "https://www.suse.com/security/cve/CVE-2022-49151"
},
{
"category": "external",
"summary": "SUSE Bug 1237778 for CVE-2022-49151",
"url": "https://bugzilla.suse.com/1237778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49151"
},
{
"cve": "CVE-2022-49178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick/mspro_block: fix handling of read-only devices\n\nUse set_disk_ro to propagate the read-only state to the block layer\ninstead of checking for it in -\u003eopen and leaking a reference in case\nof a read-only device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49178",
"url": "https://www.suse.com/security/cve/CVE-2022-49178"
},
{
"category": "external",
"summary": "SUSE Bug 1238107 for CVE-2022-49178",
"url": "https://bugzilla.suse.com/1238107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49178"
},
{
"cve": "CVE-2022-49182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: add vlan list lock to protect vlan list\n\nWhen adding port base VLAN, vf VLAN need to remove from HW and modify\nthe vlan state in vf VLAN list as false. If the periodicity task is\nfreeing the same node, it may cause \"use after free\" error.\nThis patch adds a vlan list lock to protect the vlan list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49182",
"url": "https://www.suse.com/security/cve/CVE-2022-49182"
},
{
"category": "external",
"summary": "SUSE Bug 1238260 for CVE-2022-49182",
"url": "https://bugzilla.suse.com/1238260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49182"
},
{
"cve": "CVE-2022-49201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: fix race between xmit and reset\n\nThere is a race between reset and the transmit paths that can lead to\nibmvnic_xmit() accessing an scrq after it has been freed in the reset\npath. It can result in a crash like:\n\n\tKernel attempted to read user page (0) - exploit attempt? (uid: 0)\n\tBUG: Kernel NULL pointer dereference on read at 0x00000000\n\tFaulting instruction address: 0xc0080000016189f8\n\tOops: Kernel access of bad area, sig: 11 [#1]\n\t...\n\tNIP [c0080000016189f8] ibmvnic_xmit+0x60/0xb60 [ibmvnic]\n\tLR [c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\tCall Trace:\n\t[c008000001618f08] ibmvnic_xmit+0x570/0xb60 [ibmvnic] (unreliable)\n\t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\t[c000000000c9cfcc] sch_direct_xmit+0xec/0x330\n\t[c000000000bfe640] __dev_xmit_skb+0x3a0/0x9d0\n\t[c000000000c00ad4] __dev_queue_xmit+0x394/0x730\n\t[c008000002db813c] __bond_start_xmit+0x254/0x450 [bonding]\n\t[c008000002db8378] bond_start_xmit+0x40/0xc0 [bonding]\n\t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\t[c000000000c00ca4] __dev_queue_xmit+0x564/0x730\n\t[c000000000cf97e0] neigh_hh_output+0xd0/0x180\n\t[c000000000cfa69c] ip_finish_output2+0x31c/0x5c0\n\t[c000000000cfd244] __ip_queue_xmit+0x194/0x4f0\n\t[c000000000d2a3c4] __tcp_transmit_skb+0x434/0x9b0\n\t[c000000000d2d1e0] __tcp_retransmit_skb+0x1d0/0x6a0\n\t[c000000000d2d984] tcp_retransmit_skb+0x34/0x130\n\t[c000000000d310e8] tcp_retransmit_timer+0x388/0x6d0\n\t[c000000000d315ec] tcp_write_timer_handler+0x1bc/0x330\n\t[c000000000d317bc] tcp_write_timer+0x5c/0x200\n\t[c000000000243270] call_timer_fn+0x50/0x1c0\n\t[c000000000243704] __run_timers.part.0+0x324/0x460\n\t[c000000000243894] run_timer_softirq+0x54/0xa0\n\t[c000000000ea713c] __do_softirq+0x15c/0x3e0\n\t[c000000000166258] __irq_exit_rcu+0x158/0x190\n\t[c000000000166420] irq_exit+0x20/0x40\n\t[c00000000002853c] timer_interrupt+0x14c/0x2b0\n\t[c000000000009a00] decrementer_common_virt+0x210/0x220\n\t--- interrupt: 900 at plpar_hcall_norets_notrace+0x18/0x2c\n\nThe immediate cause of the crash is the access of tx_scrq in the following\nsnippet during a reset, where the tx_scrq can be either NULL or an address\nthat will soon be invalid:\n\n\tibmvnic_xmit()\n\t{\n\t\t...\n\t\ttx_scrq = adapter-\u003etx_scrq[queue_num];\n\t\ttxq = netdev_get_tx_queue(netdev, queue_num);\n\t\tind_bufp = \u0026tx_scrq-\u003eind_buf;\n\n\t\tif (test_bit(0, \u0026adapter-\u003eresetting)) {\n\t\t...\n\t}\n\nBut beyond that, the call to ibmvnic_xmit() itself is not safe during a\nreset and the reset path attempts to avoid this by stopping the queue in\nibmvnic_cleanup(). However just after the queue was stopped, an in-flight\nibmvnic_complete_tx() could have restarted the queue even as the reset is\nprogressing.\n\nSince the queue was restarted we could get a call to ibmvnic_xmit() which\ncan then access the bad tx_scrq (or other fields).\n\nWe cannot however simply have ibmvnic_complete_tx() check the -\u003eresetting\nbit and skip starting the queue. This can race at the \"back-end\" of a good\nreset which just restarted the queue but has not cleared the -\u003eresetting\nbit yet. If we skip restarting the queue due to -\u003eresetting being true,\nthe queue would remain stopped indefinitely potentially leading to transmit\ntimeouts.\n\nIOW -\u003eresetting is too broad for this purpose. Instead use a new flag\nthat indicates whether or not the queues are active. Only the open/\nreset paths control when the queues are active. ibmvnic_complete_tx()\nand others wake up the queue only if the queue is marked active.\n\nSo we will have:\n\tA. reset/open thread in ibmvnic_cleanup() and __ibmvnic_open()\n\n\t\t-\u003eresetting = true\n\t\t-\u003etx_queues_active = false\n\t\tdisable tx queues\n\t\t...\n\t\t-\u003etx_queues_active = true\n\t\tstart tx queues\n\n\tB. Tx interrupt in ibmvnic_complete_tx():\n\n\t\tif (-\u003etx_queues_active)\n\t\t\tnetif_wake_subqueue();\n\nTo ensure that -\u003etx_queues_active and state of the queues are consistent,\nwe need a lock which:\n\n\t- must also be taken in the interrupt path (ibmvnic_complete_tx())\n\t- shared across the multiple\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49201",
"url": "https://www.suse.com/security/cve/CVE-2022-49201"
},
{
"category": "external",
"summary": "SUSE Bug 1238256 for CVE-2022-49201",
"url": "https://bugzilla.suse.com/1238256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49201"
},
{
"cve": "CVE-2022-49247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED\n\nIf the callback \u0027start_streaming\u0027 fails, then all\nqueued buffers in the driver should be returned with\nstate \u0027VB2_BUF_STATE_QUEUED\u0027. Currently, they are\nreturned with \u0027VB2_BUF_STATE_ERROR\u0027 which is wrong.\nFix this. This also fixes the warning:\n\n[ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.585027] Modules linked in: snd_usb_audio snd_hwdep snd_usbmidi_lib snd_rawmidi snd_soc_hdmi_codec dw_hdmi_i2s_audio saa7115 stk1160 videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev mc crct10dif_ce panfrost snd_soc_simple_card snd_soc_audio_graph_card snd_soc_spdif_tx snd_soc_simple_card_utils gpu_sched phy_rockchip_pcie snd_soc_rockchip_i2s rockchipdrm analogix_dp dw_mipi_dsi dw_hdmi cec drm_kms_helper drm rtc_rk808 rockchip_saradc industrialio_triggered_buffer kfifo_buf rockchip_thermal pcie_rockchip_host ip_tables x_tables ipv6\n[ 65.589383] CPU: 5 PID: 593 Comm: v4l2src0:src Tainted: G W 5.16.0-rc4-62408-g32447129cb30-dirty #14\n[ 65.590293] Hardware name: Radxa ROCK Pi 4B (DT)\n[ 65.590696] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 65.591304] pc : vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.591850] lr : vb2_start_streaming+0x6c/0x160 [videobuf2_common]\n[ 65.592395] sp : ffff800012bc3ad0\n[ 65.592685] x29: ffff800012bc3ad0 x28: 0000000000000000 x27: ffff800012bc3cd8\n[ 65.593312] x26: 0000000000000000 x25: ffff00000d8a7800 x24: 0000000040045612\n[ 65.593938] x23: ffff800011323000 x22: ffff800012bc3cd8 x21: ffff00000908a8b0\n[ 65.594562] x20: ffff00000908a8c8 x19: 00000000fffffff4 x18: ffffffffffffffff\n[ 65.595188] x17: 000000040044ffff x16: 00400034b5503510 x15: ffff800011323f78\n[ 65.595813] x14: ffff000013163886 x13: ffff000013163885 x12: 00000000000002ce\n[ 65.596439] x11: 0000000000000028 x10: 0000000000000001 x9 : 0000000000000228\n[ 65.597064] x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff726c5e78\n[ 65.597690] x5 : ffff800012bc3990 x4 : 0000000000000000 x3 : ffff000009a34880\n[ 65.598315] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000007cd99f0\n[ 65.598940] Call trace:\n[ 65.599155] vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.599672] vb2_core_streamon+0x17c/0x1a8 [videobuf2_common]\n[ 65.600179] vb2_streamon+0x54/0x88 [videobuf2_v4l2]\n[ 65.600619] vb2_ioctl_streamon+0x54/0x60 [videobuf2_v4l2]\n[ 65.601103] v4l_streamon+0x3c/0x50 [videodev]\n[ 65.601521] __video_do_ioctl+0x1a4/0x428 [videodev]\n[ 65.601977] video_usercopy+0x320/0x828 [videodev]\n[ 65.602419] video_ioctl2+0x3c/0x58 [videodev]\n[ 65.602830] v4l2_ioctl+0x60/0x90 [videodev]\n[ 65.603227] __arm64_sys_ioctl+0xa8/0xe0\n[ 65.603576] invoke_syscall+0x54/0x118\n[ 65.603911] el0_svc_common.constprop.3+0x84/0x100\n[ 65.604332] do_el0_svc+0x34/0xa0\n[ 65.604625] el0_svc+0x1c/0x50\n[ 65.604897] el0t_64_sync_handler+0x88/0xb0\n[ 65.605264] el0t_64_sync+0x16c/0x170\n[ 65.605587] ---[ end trace 578e0ba07742170d ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49247",
"url": "https://www.suse.com/security/cve/CVE-2022-49247"
},
{
"category": "external",
"summary": "SUSE Bug 1237783 for CVE-2022-49247",
"url": "https://bugzilla.suse.com/1237783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49247"
},
{
"cve": "CVE-2022-49490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected\n\nmdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring\nthe modeset lock, but currently mdp5_pipe_release doesn\u0027t check for if\nan error is returned. Because of this, there is a possibility of\nmdp5_pipe_release hitting a NULL dereference error.\n\nTo avoid this, let\u0027s have mdp5_pipe_release check if\nmdp5_get_global_state returns an error and propogate that error.\n\nChanges since v1:\n- Separated declaration and initialization of *new_state to avoid\n compiler warning\n- Fixed some spelling mistakes in commit message\n\nChanges since v2:\n- Return 0 in case where hwpipe is NULL as this is considered normal\n behavior\n- Added 2nd patch in series to fix a similar NULL dereference issue in\n mdp5_mixer_release\n\nPatchwork: https://patchwork.freedesktop.org/patch/485179/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49490",
"url": "https://www.suse.com/security/cve/CVE-2022-49490"
},
{
"category": "external",
"summary": "SUSE Bug 1238275 for CVE-2022-49490",
"url": "https://bugzilla.suse.com/1238275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49490"
},
{
"cve": "CVE-2022-49626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49626"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix use after free when disabling sriov\n\nUse after free is detected by kfence when disabling sriov. What was read\nafter being freed was vf-\u003epci_dev: it was freed from pci_disable_sriov\nand later read in efx_ef10_sriov_free_vf_vports, called from\nefx_ef10_sriov_free_vf_vswitching.\n\nSet the pointer to NULL at release time to not trying to read it later.\n\nReproducer and dmesg log (note that kfence doesn\u0027t detect it every time):\n$ echo 1 \u003e /sys/class/net/enp65s0f0np0/device/sriov_numvfs\n$ echo 0 \u003e /sys/class/net/enp65s0f0np0/device/sriov_numvfs\n\n BUG: KFENCE: use-after-free read in efx_ef10_sriov_free_vf_vswitching+0x82/0x170 [sfc]\n\n Use-after-free read at 0x00000000ff3c1ba5 (in kfence-#224):\n efx_ef10_sriov_free_vf_vswitching+0x82/0x170 [sfc]\n efx_ef10_pci_sriov_disable+0x38/0x70 [sfc]\n efx_pci_sriov_configure+0x24/0x40 [sfc]\n sriov_numvfs_store+0xfe/0x140\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x11f/0x1b0\n vfs_write+0x1eb/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x5c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n kfence-#224: 0x00000000edb8ef95-0x00000000671f5ce1, size=2792, cache=kmalloc-4k\n\n allocated by task 6771 on cpu 10 at 3137.860196s:\n pci_alloc_dev+0x21/0x60\n pci_iov_add_virtfn+0x2a2/0x320\n sriov_enable+0x212/0x3e0\n efx_ef10_sriov_configure+0x67/0x80 [sfc]\n efx_pci_sriov_configure+0x24/0x40 [sfc]\n sriov_numvfs_store+0xba/0x140\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x11f/0x1b0\n vfs_write+0x1eb/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x5c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n freed by task 6771 on cpu 12 at 3170.991309s:\n device_release+0x34/0x90\n kobject_cleanup+0x3a/0x130\n pci_iov_remove_virtfn+0xd9/0x120\n sriov_disable+0x30/0xe0\n efx_ef10_pci_sriov_disable+0x57/0x70 [sfc]\n efx_pci_sriov_configure+0x24/0x40 [sfc]\n sriov_numvfs_store+0xfe/0x140\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x11f/0x1b0\n vfs_write+0x1eb/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x5c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49626",
"url": "https://www.suse.com/security/cve/CVE-2022-49626"
},
{
"category": "external",
"summary": "SUSE Bug 1238270 for CVE-2022-49626",
"url": "https://bugzilla.suse.com/1238270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49626"
},
{
"cve": "CVE-2022-49661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_open/close(): fix memory leak\n\nThe gs_usb driver appears to suffer from a malady common to many USB\nCAN adapter drivers in that it performs usb_alloc_coherent() to\nallocate a number of USB request blocks (URBs) for RX, and then later\nrelies on usb_kill_anchored_urbs() to free them, but this doesn\u0027t\nactually free them. As a result, this may be leaking DMA memory that\u0027s\nbeen used by the driver.\n\nThis commit is an adaptation of the techniques found in the esd_usb2\ndriver where a similar design pattern led to a memory leak. It\nexplicitly frees the RX URBs and their DMA memory via a call to\nusb_free_coherent(). Since the RX URBs were allocated in the\ngs_can_open(), we remove them in gs_can_close() rather than in the\ndisconnect function as was done in esd_usb2.\n\nFor more information, see the 928150fad41b (\"can: esd_usb2: fix memory\nleak\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49661",
"url": "https://www.suse.com/security/cve/CVE-2022-49661"
},
{
"category": "external",
"summary": "SUSE Bug 1237788 for CVE-2022-49661",
"url": "https://bugzilla.suse.com/1237788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-49661"
},
{
"cve": "CVE-2023-0394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0394"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0394",
"url": "https://www.suse.com/security/cve/CVE-2023-0394"
},
{
"category": "external",
"summary": "SUSE Bug 1207168 for CVE-2023-0394",
"url": "https://bugzilla.suse.com/1207168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-0394"
},
{
"cve": "CVE-2023-52572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix UAF in cifs_demultiplex_thread()\n\nThere is a UAF when xfstests on cifs:\n\n BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160\n Read of size 4 at addr ffff88810103fc08 by task cifsd/923\n\n CPU: 1 PID: 923 Comm: cifsd Not tainted 6.1.0-rc4+ #45\n ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_report+0x171/0x472\n kasan_report+0xad/0x130\n kasan_check_range+0x145/0x1a0\n smb2_is_network_name_deleted+0x27/0x160\n cifs_demultiplex_thread.cold+0x172/0x5a4\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\n Allocated by task 923:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_slab_alloc+0x54/0x60\n kmem_cache_alloc+0x147/0x320\n mempool_alloc+0xe1/0x260\n cifs_small_buf_get+0x24/0x60\n allocate_buffers+0xa1/0x1c0\n cifs_demultiplex_thread+0x199/0x10d0\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n\n Freed by task 921:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x40\n ____kasan_slab_free+0x143/0x1b0\n kmem_cache_free+0xe3/0x4d0\n cifs_small_buf_release+0x29/0x90\n SMB2_negotiate+0x8b7/0x1c60\n smb2_negotiate+0x51/0x70\n cifs_negotiate_protocol+0xf0/0x160\n cifs_get_smb_ses+0x5fa/0x13c0\n mount_get_conns+0x7a/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe UAF is because:\n\n mount(pid: 921) | cifsd(pid: 923)\n-------------------------------|-------------------------------\n | cifs_demultiplex_thread\nSMB2_negotiate |\n cifs_send_recv |\n compound_send_recv |\n smb_send_rqst |\n wait_for_response |\n wait_event_state [1] |\n | standard_receive3\n | cifs_handle_standard\n | handle_mid\n | mid-\u003eresp_buf = buf; [2]\n | dequeue_mid [3]\n KILL the process [4] |\n resp_iov[i].iov_base = buf |\n free_rsp_buf [5] |\n | is_network_name_deleted [6]\n | callback\n\n1. After send request to server, wait the response until\n mid-\u003emid_state != SUBMITTED;\n2. Receive response from server, and set it to mid;\n3. Set the mid state to RECEIVED;\n4. Kill the process, the mid state already RECEIVED, get 0;\n5. Handle and release the negotiate response;\n6. UAF.\n\nIt can be easily reproduce with add some delay in [3] - [6].\n\nOnly sync call has the problem since async call\u0027s callback is\nexecuted in cifsd process.\n\nAdd an extra state to mark the mid state to READY before wakeup the\nwaitter, then it can get the resp safely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52572",
"url": "https://www.suse.com/security/cve/CVE-2023-52572"
},
{
"category": "external",
"summary": "SUSE Bug 1220946 for CVE-2023-52572",
"url": "https://bugzilla.suse.com/1220946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-52572"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhid: cp2112: Fix duplicate workqueue initialization\n\nPreviously the cp2112 driver called INIT_DELAYED_WORK within\ncp2112_gpio_irq_startup, resulting in duplicate initilizations of the\nworkqueue on subsequent IRQ startups following an initial request. This\nresulted in a warning in set_work_data in workqueue.c, as well as a rare\nNULL dereference within process_one_work in workqueue.c.\n\nInitialize the workqueue within _probe instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52853",
"url": "https://www.suse.com/security/cve/CVE-2023-52853"
},
{
"category": "external",
"summary": "SUSE Bug 1224988 for CVE-2023-52853",
"url": "https://bugzilla.suse.com/1224988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-52853"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-6606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6606"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6606",
"url": "https://www.suse.com/security/cve/CVE-2023-6606"
},
{
"category": "external",
"summary": "SUSE Bug 1217947 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-6606"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-26810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26810",
"url": "https://www.suse.com/security/cve/CVE-2024-26810"
},
{
"category": "external",
"summary": "SUSE Bug 1222803 for CVE-2024-26810",
"url": "https://bugzilla.suse.com/1222803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use timestamp to check for set element timeout\n\nAdd a timestamp field at the beginning of the transaction, store it\nin the nftables per-netns area.\n\nUpdate set backend .insert, .deactivate and sync gc path to use the\ntimestamp, this avoids that an element expires while control plane\ntransaction is still unfinished.\n\n.lookup and .update, which are used from packet path, still use the\ncurrent time to check if the element has expired. And .get path and dump\nalso since this runs lockless under rcu read size lock. Then, there is\nasync gc which also needs to check the current time since it runs\nasynchronously from a workqueue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27397",
"url": "https://www.suse.com/security/cve/CVE-2024-27397"
},
{
"category": "external",
"summary": "SUSE Bug 1224095 for CVE-2024-27397",
"url": "https://bugzilla.suse.com/1224095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-49867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: wait for fixup workers before stopping cleaner kthread during umount\n\nDuring unmount, at close_ctree(), we have the following steps in this order:\n\n1) Park the cleaner kthread - this doesn\u0027t destroy the kthread, it basically\n halts its execution (wake ups against it work but do nothing);\n\n2) We stop the cleaner kthread - this results in freeing the respective\n struct task_struct;\n\n3) We call btrfs_stop_all_workers() which waits for any jobs running in all\n the work queues and then free the work queues.\n\nSyzbot reported a case where a fixup worker resulted in a crash when doing\na delayed iput on its inode while attempting to wake up the cleaner at\nbtrfs_add_delayed_iput(), because the task_struct of the cleaner kthread\nwas already freed. This can happen during unmount because we don\u0027t wait\nfor any fixup workers still running before we call kthread_stop() against\nthe cleaner kthread, which stops and free all its resources.\n\nFix this by waiting for any fixup workers at close_ctree() before we call\nkthread_stop() against the cleaner and run pending delayed iputs.\n\nThe stack traces reported by syzbot were the following:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n Read of size 8 at addr ffff8880272a8a18 by task kworker/u8:3/52\n\n CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.12.0-rc1-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Workqueue: btrfs-fixup btrfs_work_helper\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]\n try_to_wake_up+0xb0/0x1480 kernel/sched/core.c:4154\n btrfs_writepage_fixup_worker+0xc16/0xdf0 fs/btrfs/inode.c:2842\n btrfs_work_helper+0x390/0xc50 fs/btrfs/async-thread.c:314\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 2:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:319 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345\n kasan_slab_alloc include/linux/kasan.h:247 [inline]\n slab_post_alloc_hook mm/slub.c:4086 [inline]\n slab_alloc_node mm/slub.c:4135 [inline]\n kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4187\n alloc_task_struct_node kernel/fork.c:180 [inline]\n dup_task_struct+0x57/0x8c0 kernel/fork.c:1107\n copy_process+0x5d1/0x3d50 kernel/fork.c:2206\n kernel_clone+0x223/0x880 kernel/fork.c:2787\n kernel_thread+0x1bc/0x240 kernel/fork.c:2849\n create_kthread kernel/kthread.c:412 [inline]\n kthreadd+0x60d/0x810 kernel/kthread.c:765\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\n Freed by task 61:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:230 [inline]\n slab_free_h\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49867",
"url": "https://www.suse.com/security/cve/CVE-2024-49867"
},
{
"category": "external",
"summary": "SUSE Bug 1232262 for CVE-2024-49867",
"url": "https://bugzilla.suse.com/1232262"
},
{
"category": "external",
"summary": "SUSE Bug 1232271 for CVE-2024-49867",
"url": "https://bugzilla.suse.com/1232271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-49867"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: bcm2835: Fix timeout during suspend mode\n\nDuring noirq suspend phase the Raspberry Pi power driver suffer of\nfirmware property timeouts. The reason is that the IRQ of the underlying\nBCM2835 mailbox is disabled and rpi_firmware_property_list() will always\nrun into a timeout [1].\n\nSince the VideoCore side isn\u0027t consider as a wakeup source, set the\nIRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled\nduring suspend-resume cycle.\n\n[1]\nPM: late suspend of devices complete after 1.754 msecs\nWARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128\n rpi_firmware_property_list+0x204/0x22c\nFirmware transaction 0x00028001 timeout\nModules linked in:\nCPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17\nHardware name: BCM2835\nCall trace:\nunwind_backtrace from show_stack+0x18/0x1c\nshow_stack from dump_stack_lvl+0x34/0x44\ndump_stack_lvl from __warn+0x88/0xec\n__warn from warn_slowpath_fmt+0x7c/0xb0\nwarn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c\nrpi_firmware_property_list from rpi_firmware_property+0x68/0x8c\nrpi_firmware_property from rpi_firmware_set_power+0x54/0xc0\nrpi_firmware_set_power from _genpd_power_off+0xe4/0x148\n_genpd_power_off from genpd_sync_power_off+0x7c/0x11c\ngenpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0\ngenpd_finish_suspend from dpm_run_callback+0x78/0xd0\ndpm_run_callback from device_suspend_noirq+0xc0/0x238\ndevice_suspend_noirq from dpm_suspend_noirq+0xb0/0x168\ndpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac\nsuspend_devices_and_enter from pm_suspend+0x254/0x2e4\npm_suspend from state_store+0xa8/0xd4\nstate_store from kernfs_fop_write_iter+0x154/0x1a0\nkernfs_fop_write_iter from vfs_write+0x12c/0x184\nvfs_write from ksys_write+0x78/0xc0\nksys_write from ret_fast_syscall+0x0/0x54\nException stack(0xcc93dfa8 to 0xcc93dff0)\n[...]\nPM: noirq suspend of devices complete after 3095.584 msecs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49963",
"url": "https://www.suse.com/security/cve/CVE-2024-49963"
},
{
"category": "external",
"summary": "SUSE Bug 1232147 for CVE-2024-49963",
"url": "https://bugzilla.suse.com/1232147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-49963"
},
{
"cve": "CVE-2024-49975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: fix kernel info leak via \"[uprobes]\" vma\n\nxol_add_vma() maps the uninitialized page allocated by __create_xol_area()\ninto userspace. On some architectures (x86) this memory is readable even\nwithout VM_READ, VM_EXEC results in the same pgprot_t as VM_EXEC|VM_READ,\nalthough this doesn\u0027t really matter, debugger can read this memory anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49975",
"url": "https://www.suse.com/security/cve/CVE-2024-49975"
},
{
"category": "external",
"summary": "SUSE Bug 1232104 for CVE-2024-49975",
"url": "https://bugzilla.suse.com/1232104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-49975"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobe: avoid out-of-bounds memory access of fetching args\n\nUprobe needs to fetch args into a percpu buffer, and then copy to ring\nbuffer to avoid non-atomic context problem.\n\nSometimes user-space strings, arrays can be very large, but the size of\npercpu buffer is only page size. And store_trace_args() won\u0027t check\nwhether these data exceeds a single page or not, caused out-of-bounds\nmemory access.\n\nIt could be reproduced by following steps:\n1. build kernel with CONFIG_KASAN enabled\n2. save follow program as test.c\n\n```\n\\#include \u003cstdio.h\u003e\n\\#include \u003cstdlib.h\u003e\n\\#include \u003cstring.h\u003e\n\n// If string length large than MAX_STRING_SIZE, the fetch_store_strlen()\n// will return 0, cause __get_data_size() return shorter size, and\n// store_trace_args() will not trigger out-of-bounds access.\n// So make string length less than 4096.\n\\#define STRLEN 4093\n\nvoid generate_string(char *str, int n)\n{\n int i;\n for (i = 0; i \u003c n; ++i)\n {\n char c = i % 26 + \u0027a\u0027;\n str[i] = c;\n }\n str[n-1] = \u0027\\0\u0027;\n}\n\nvoid print_string(char *str)\n{\n printf(\"%s\\n\", str);\n}\n\nint main()\n{\n char tmp[STRLEN];\n\n generate_string(tmp, STRLEN);\n print_string(tmp);\n\n return 0;\n}\n```\n3. compile program\n`gcc -o test test.c`\n\n4. get the offset of `print_string()`\n```\nobjdump -t test | grep -w print_string\n0000000000401199 g F .text 000000000000001b print_string\n```\n\n5. configure uprobe with offset 0x1199\n```\noff=0x1199\n\ncd /sys/kernel/debug/tracing/\necho \"p /root/test:${off} arg1=+0(%di):ustring arg2=\\$comm arg3=+0(%di):ustring\"\n \u003e uprobe_events\necho 1 \u003e events/uprobes/enable\necho 1 \u003e tracing_on\n```\n\n6. run `test`, and kasan will report error.\n==================================================================\nBUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0\nWrite of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18\nHardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x27/0x310\n kasan_report+0x10f/0x120\n ? strncpy_from_user+0x1d6/0x1f0\n strncpy_from_user+0x1d6/0x1f0\n ? rmqueue.constprop.0+0x70d/0x2ad0\n process_fetch_insn+0xb26/0x1470\n ? __pfx_process_fetch_insn+0x10/0x10\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __pte_offset_map+0x1f/0x2d0\n ? unwind_next_frame+0xc5f/0x1f80\n ? arch_stack_walk+0x68/0xf0\n ? is_bpf_text_address+0x23/0x30\n ? kernel_text_address.part.0+0xbb/0xd0\n ? __kernel_text_address+0x66/0xb0\n ? unwind_get_return_address+0x5e/0xa0\n ? __pfx_stack_trace_consume_entry+0x10/0x10\n ? arch_stack_walk+0xa2/0xf0\n ? _raw_spin_lock_irqsave+0x8b/0xf0\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? depot_alloc_stack+0x4c/0x1f0\n ? _raw_spin_unlock_irqrestore+0xe/0x30\n ? stack_depot_save_flags+0x35d/0x4f0\n ? kasan_save_stack+0x34/0x50\n ? kasan_save_stack+0x24/0x50\n ? mutex_lock+0x91/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n prepare_uprobe_buffer.part.0+0x2cd/0x500\n uprobe_dispatcher+0x2c3/0x6a0\n ? __pfx_uprobe_dispatcher+0x10/0x10\n ? __kasan_slab_alloc+0x4d/0x90\n handler_chain+0xdd/0x3e0\n handle_swbp+0x26e/0x3d0\n ? __pfx_handle_swbp+0x10/0x10\n ? uprobe_pre_sstep_notifier+0x151/0x1b0\n irqentry_exit_to_user_mode+0xe2/0x1b0\n asm_exc_int3+0x39/0x40\nRIP: 0033:0x401199\nCode: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce\nRSP: 002b:00007ffdf00576a8 EFLAGS: 00000206\nRAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2\nRDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0\nRBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20\nR10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040\nR13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nThis commit enforces the buffer\u0027s maxlen less than a page-size to avoid\nstore_trace_args() out-of-memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50067",
"url": "https://www.suse.com/security/cve/CVE-2024-50067"
},
{
"category": "external",
"summary": "SUSE Bug 1232416 for CVE-2024-50067",
"url": "https://bugzilla.suse.com/1232416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-50067"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50251",
"url": "https://www.suse.com/security/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1233248 for CVE-2024-50251",
"url": "https://bugzilla.suse.com/1233248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()\n\nThe per-netns IP tunnel hash table is protected by the RTNL mutex and\nip_tunnel_find() is only called from the control path where the mutex is\ntaken.\n\nAdd a lockdep expression to hlist_for_each_entry_rcu() in\nip_tunnel_find() in order to validate that the mutex is held and to\nsilence the suspicious RCU usage warning [1].\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted\n-----------------------------\nnet/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/362:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n ip_tunnel_find+0x435/0x4d0\n ip_tunnel_newlink+0x517/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50304",
"url": "https://www.suse.com/security/cve/CVE-2024-50304"
},
{
"category": "external",
"summary": "SUSE Bug 1233522 for CVE-2024-50304",
"url": "https://bugzilla.suse.com/1233522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-50304"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent NULL dereference in nfsd4_process_cb_update()\n\n@ses is initialized to NULL. If __nfsd4_find_backchannel() finds no\navailable backchannel session, setup_callback_client() will try to\ndereference @ses and segfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53217",
"url": "https://www.suse.com/security/cve/CVE-2024-53217"
},
{
"category": "external",
"summary": "SUSE Bug 1234999 for CVE-2024-53217",
"url": "https://bugzilla.suse.com/1234999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-53217"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg-\u003esg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003c 0), we may\n miss uncharging (msg-\u003esg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg-\u003esg.size;\n416 if (psock-\u003eapply_bytes \u0026\u0026 psock-\u003eapply_bytes \u003c tosend)\n417 tosend = psock-\u003eapply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg-\u003esg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg-\u003esg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003c 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003c 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg-\u003esg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56633",
"url": "https://www.suse.com/security/cve/CVE-2024-56633"
},
{
"category": "external",
"summary": "SUSE Bug 1235485 for CVE-2024-56633",
"url": "https://bugzilla.suse.com/1235485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \u003cIRQ\u003e\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst-\u003eout = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst-\u003edev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56647",
"url": "https://www.suse.com/security/cve/CVE-2024-56647"
},
{
"category": "external",
"summary": "SUSE Bug 1235435 for CVE-2024-56647",
"url": "https://bugzilla.suse.com/1235435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final \u0027struct net\u0027 free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net-\u003exfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst-\u003eops-\u003edestroy)\n dst-\u003eops-\u003edestroy(dst);\n\ndst-\u003eops points to the old net-\u003exfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the \u0027struct net\u0027 to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 \u003cfa\u003e c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \u003c/TASK\u003e\nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56658",
"url": "https://www.suse.com/security/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "SUSE Bug 1235441 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "external",
"summary": "SUSE Bug 1235442 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "important"
}
],
"title": "CVE-2024-56658"
},
{
"cve": "CVE-2024-56688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport\n\nSince transport-\u003esock has been set to NULL during reset transport,\nXPRT_SOCK_UPD_TIMEOUT also needs to be cleared. Otherwise, the\nxs_tcp_set_socket_timeouts() may be triggered in xs_tcp_send_request()\nto dereference the transport-\u003esock that has been set to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56688",
"url": "https://www.suse.com/security/cve/CVE-2024-56688"
},
{
"category": "external",
"summary": "SUSE Bug 1235538 for CVE-2024-56688",
"url": "https://bugzilla.suse.com/1235538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-56688"
},
{
"cve": "CVE-2024-57896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: flush delalloc workers queue before stopping cleaner kthread during unmount\n\nDuring the unmount path, at close_ctree(), we first stop the cleaner\nkthread, using kthread_stop() which frees the associated task_struct, and\nthen stop and destroy all the work queues. However after we stopped the\ncleaner we may still have a worker from the delalloc_workers queue running\ninode.c:submit_compressed_extents(), which calls btrfs_add_delayed_iput(),\nwhich in turn tries to wake up the cleaner kthread - which was already\ndestroyed before, resulting in a use-after-free on the task_struct.\n\nSyzbot reported this with the following stack traces:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089\n Read of size 8 at addr ffff8880259d2818 by task kworker/u8:3/52\n\n CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Workqueue: btrfs-delalloc btrfs_work_helper\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]\n try_to_wake_up+0xc2/0x1470 kernel/sched/core.c:4205\n submit_compressed_extents+0xdf/0x16e0 fs/btrfs/inode.c:1615\n run_ordered_work fs/btrfs/async-thread.c:288 [inline]\n btrfs_work_helper+0x96f/0xc40 fs/btrfs/async-thread.c:324\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 2:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:319 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345\n kasan_slab_alloc include/linux/kasan.h:250 [inline]\n slab_post_alloc_hook mm/slub.c:4104 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x1d9/0x380 mm/slub.c:4205\n alloc_task_struct_node kernel/fork.c:180 [inline]\n dup_task_struct+0x57/0x8c0 kernel/fork.c:1113\n copy_process+0x5d1/0x3d50 kernel/fork.c:2225\n kernel_clone+0x223/0x870 kernel/fork.c:2807\n kernel_thread+0x1bc/0x240 kernel/fork.c:2869\n create_kthread kernel/kthread.c:412 [inline]\n kthreadd+0x60d/0x810 kernel/kthread.c:767\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\n Freed by task 24:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kmem_cache_free+0x195/0x410 mm/slub.c:4700\n put_task_struct include/linux/sched/task.h:144 [inline]\n delayed_put_task_struct+0x125/0x300 kernel/exit.c:227\n rcu_do_batch kernel/rcu/tree.c:2567 [inline]\n rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:943\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57896",
"url": "https://www.suse.com/security/cve/CVE-2024-57896"
},
{
"category": "external",
"summary": "SUSE Bug 1235965 for CVE-2024-57896",
"url": "https://bugzilla.suse.com/1235965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-57896"
},
{
"cve": "CVE-2025-21638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21638",
"url": "https://www.suse.com/security/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "SUSE Bug 1236115 for CVE-2025-21638",
"url": "https://bugzilla.suse.com/1236115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21639",
"url": "https://www.suse.com/security/cve/CVE-2025-21639"
},
{
"category": "external",
"summary": "SUSE Bug 1236122 for CVE-2025-21639",
"url": "https://bugzilla.suse.com/1236122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21640",
"url": "https://www.suse.com/security/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "SUSE Bug 1236123 for CVE-2025-21640",
"url": "https://bugzilla.suse.com/1236123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server-\u003ehostname can\u0027t be freed as long as\ncifsd thread isn\u0027t done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff \u003c0f\u003e\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21673",
"url": "https://www.suse.com/security/cve/CVE-2025-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1236689 for CVE-2025-21673",
"url": "https://bugzilla.suse.com/1236689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport \u003e serial-\u003enum_ports) {\n dev_err(\u0026port-\u003edev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn\u0027t account for the valid range of the serial-\u003eport\nbuffer, which is from 0 to serial-\u003enum_ports - 1. When newport is equal\nto serial-\u003enum_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv-\u003ecurrent_port = newport;\n port = serial-\u003eport[serial_priv-\u003ecurrent_port];\n\nThe fix checks if newport is greater than or equal to serial-\u003enum_ports\nindicating it is out-of-bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21689",
"url": "https://www.suse.com/security/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "SUSE Bug 1237017 for CVE-2025-21689",
"url": "https://bugzilla.suse.com/1237017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there\u0027s a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn\u0027t DoS the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21690",
"url": "https://www.suse.com/security/cve/CVE-2025-21690"
},
{
"category": "external",
"summary": "SUSE Bug 1237025 for CVE-2025-21690",
"url": "https://bugzilla.suse.com/1237025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_250-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.250.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.250.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.250.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-11T10:55:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
}
]
}
suse-su-2023:2007-1
Vulnerability from csaf_suse
Published
2023-04-25 16:33
Modified
2023-04-25 16:33
Summary
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)
Description of the patch
This update for the Linux Kernel 5.3.18-150200_24_115 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
Patchnames
SUSE-2023-2007,SUSE-SLE-Live-Patching-12-SP4-2023-2007,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2005
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_115 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2007,SUSE-SLE-Live-Patching-12-SP4-2023-2007,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2005",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2007-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2007-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232007-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2007-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014581.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203993",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "self",
"summary": "SUSE Bug 1207822",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "self",
"summary": "SUSE Bug 1208910",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-04-25T16:33:46Z",
"generator": {
"date": "2023-04-25T16:33:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2007-1",
"initial_release_date": "2023-04-25T16:33:46Z",
"revision_history": [
{
"date": "2023-04-25T16:33:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-95_105-default-9-2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T16:33:46Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T16:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-9-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_115-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-25T16:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
}
]
}
suse-su-2022:3263-1
Vulnerability from csaf_suse
Published
2022-09-14 04:14
Modified
2022-09-14 04:14
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).
The following non-security bugs were fixed:
- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).
- mm, rmap: Fixed anon_vma->degree ambiguity leading to double-reuse (bsc#1203098).
- lightnvm: Removed lightnvm implemenation (bsc#1191881).
Patchnames
SUSE-2022-3263,SUSE-SLE-SERVER-12-SP3-BCL-2022-3263
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).\n- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).\n- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).\n- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).\n- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).\n- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).\n- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim\u0027s TCP session (bnc#1196616).\n- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).\n\nThe following non-security bugs were fixed:\n\n- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).\n- mm, rmap: Fixed anon_vma-\u003edegree ambiguity leading to double-reuse (bsc#1203098).\n- lightnvm: Removed lightnvm implemenation (bsc#1191881).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3263,SUSE-SLE-SERVER-12-SP3-BCL-2022-3263",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3263-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3263-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223263-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3263-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012222.html"
},
{
"category": "self",
"summary": "SUSE Bug 1133374",
"url": "https://bugzilla.suse.com/1133374"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1196616",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1201726",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "self",
"summary": "SUSE Bug 1201948",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "self",
"summary": "SUSE Bug 1202096",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "self",
"summary": "SUSE Bug 1202346",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "self",
"summary": "SUSE Bug 1202347",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "self",
"summary": "SUSE Bug 1202393",
"url": "https://bugzilla.suse.com/1202393"
},
{
"category": "self",
"summary": "SUSE Bug 1202897",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "self",
"summary": "SUSE Bug 1202898",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "self",
"summary": "SUSE Bug 1203098",
"url": "https://bugzilla.suse.com/1203098"
},
{
"category": "self",
"summary": "SUSE Bug 1203107",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3900 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36516 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20369 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2588 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36879 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39188 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39188/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-09-14T04:14:47Z",
"generator": {
"date": "2022-09-14T04:14:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3263-1",
"initial_release_date": "2022-09-14T04:14:47Z",
"revision_history": [
{
"date": "2022-09-14T04:14:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-base-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-devel-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-extra-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.aarch64",
"product_id": "kernel-obs-build-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.aarch64",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.aarch64",
"product_id": "kernel-syms-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-devel-4.4.180-94.174.1.noarch",
"product_id": "kernel-devel-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-html-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-pdf-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-macros-4.4.180-94.174.1.noarch",
"product_id": "kernel-macros-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-source-4.4.180-94.174.1.noarch",
"product_id": "kernel-source-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.180-94.174.1.noarch",
"product_id": "kernel-source-vanilla-4.4.180-94.174.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-extra-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-obs-build-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-syms-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-base-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-devel-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-extra-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-man-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-man-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.s390x",
"product_id": "kernel-obs-build-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.s390x",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.s390x",
"product_id": "kernel-syms-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.180-94.174.1.s390x",
"product_id": "kernel-zfcpdump-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-extra-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-extra-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.x86_64",
"product_id": "kernel-obs-build-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.x86_64",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.x86_64",
"product_id": "kernel-syms-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-devel-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-macros-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-source-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-syms-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3900"
}
],
"notes": [
{
"category": "general",
"text": "An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3900",
"url": "https://www.suse.com/security/cve/CVE-2019-3900"
},
{
"category": "external",
"summary": "SUSE Bug 1133374 for CVE-2019-3900",
"url": "https://bugzilla.suse.com/1133374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "low"
}
],
"title": "CVE-2019-3900"
},
{
"cve": "CVE-2020-36516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36516"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim\u0027s TCP session or terminate that session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36516",
"url": "https://www.suse.com/security/cve/CVE-2020-36516"
},
{
"category": "external",
"summary": "SUSE Bug 1196616 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "external",
"summary": "SUSE Bug 1196867 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196867"
},
{
"category": "external",
"summary": "SUSE Bug 1204092 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204092"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2020-36516"
},
{
"cve": "CVE-2022-20368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20368"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20368",
"url": "https://www.suse.com/security/cve/CVE-2022-20368"
},
{
"category": "external",
"summary": "SUSE Bug 1202346 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "external",
"summary": "SUSE Bug 1212311 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1212311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-20369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20369"
}
],
"notes": [
{
"category": "general",
"text": "In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20369",
"url": "https://www.suse.com/security/cve/CVE-2022-20369"
},
{
"category": "external",
"summary": "SUSE Bug 1202347 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "external",
"summary": "SUSE Bug 1212321 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1212321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-20369"
},
{
"cve": "CVE-2022-21385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21385"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21385",
"url": "https://www.suse.com/security/cve/CVE-2022-21385"
},
{
"category": "external",
"summary": "SUSE Bug 1202897 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "external",
"summary": "SUSE Bug 1212285 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1212285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-21385"
},
{
"cve": "CVE-2022-2588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2588"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2588",
"url": "https://www.suse.com/security/cve/CVE-2022-2588"
},
{
"category": "external",
"summary": "SUSE Bug 1202096 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "external",
"summary": "SUSE Bug 1203613 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1203613"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1204183"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-26373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26373"
}
],
"notes": [
{
"category": "general",
"text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26373",
"url": "https://www.suse.com/security/cve/CVE-2022-26373"
},
{
"category": "external",
"summary": "SUSE Bug 1201726 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "external",
"summary": "SUSE Bug 1209619 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1209619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-3028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3028"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3028",
"url": "https://www.suse.com/security/cve/CVE-2022-3028"
},
{
"category": "external",
"summary": "SUSE Bug 1202898 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "external",
"summary": "SUSE Bug 1212296 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1212296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-36879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36879"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36879",
"url": "https://www.suse.com/security/cve/CVE-2022-36879"
},
{
"category": "external",
"summary": "SUSE Bug 1201948 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "external",
"summary": "SUSE Bug 1212327 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1212327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-36879"
},
{
"cve": "CVE-2022-39188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39188"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39188",
"url": "https://www.suse.com/security/cve/CVE-2022-39188"
},
{
"category": "external",
"summary": "SUSE Bug 1203107 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "external",
"summary": "SUSE Bug 1203116 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203116"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212326 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1212326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-39188"
}
]
}
suse-su-2023:0634-1
Vulnerability from csaf_suse
Published
2023-03-07 10:35
Modified
2023-03-07 10:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2017-5754: Fixed speculative side channel attacks on various CPU platforms (bsc#1068032).
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem that could lead a local user to crash the system (bsc#1206664).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207134).
- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem (bsc#1207237).
The following non-security bugs were fixed:
- add 00f3ca2c2d66 ('mm: memcontrol: per-lruvec stats infrastructure')
- add 0b3d6e6f2dd0 mm: writeback: use exact memcg dirty counts
- add 168e06f7937d kernel/hung_task.c: force console verbose before panic
- add 1f4aace60b0e ('fs/seq_file.c: simplify seq_file iteration code and interface')
- add 304ae42739b1 kernel/hung_task.c: break RCU locks based on jiffies
- add 401c636a0eeb kernel/hung_task.c: show all hung tasks before panic
- add Tegra repository to git_sort.
- add a1c6ca3c6de7 kernel: hung_task.c: disable on suspend
- add c3cc39118c36 mm: memcontrol: fix NR_WRITEBACK leak in memcg and system stats
- add c892fd82cc06 mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create()
- add e27be240df53 mm: memcg: make sure memory.events is uptodate when waking pollers
- add support for enabling livepatching related packages on -RT (jsc#PED-1706)
- add suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149)
- amiflop: clean up on errors during setup (git-fixes).
- audit: ensure userspace is penalized the same as the kernel when under pressure (bsc#1204514).
- audit: improve robustness of the audit queue handling (bsc#1204514).
- bcache: fix super block seq numbers comparision in register_cache_set() (git-fixes).
- blk-cgroup: Fix memleak on error path (git-fixes).
- blk-cgroup: Pre-allocate tree node on blkg_conf_prep (git-fixes).
- blk-cgroup: fix missing put device in error path from blkg_conf_pref() (git-fixes).
- blk-mq: fix possible memleak when register 'hctx' failed (git-fixes).
- blk-mq: insert request not through ->queue_rq into sw/scheduler queue (git-fixes).
- blk-mq: move cancel of requeue_work into blk_mq_release (git-fixes).
- blktrace: Fix output non-blktrace event when blk_classic option enabled (git-fixes).
- blktrace: break out of blktrace setup on concurrent calls (git-fixes).
- blktrace: ensure our debugfs dir exists (git-fixes).
- blktrace: fix endianness for blk_log_remap() (git-fixes).
- blktrace: fix endianness in get_pdu_int() (git-fixes).
- blktrace: use errno instead of bi_status (git-fixes).
- block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (bsc#1175995,jsc#SLE-15608).
- block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (git-fixes).
- block, bfq: increase idling for weight-raised queues (git-fixes).
- block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (bsc#1207102).
- block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
- block/bio-integrity: do not free 'buf' if bio_integrity_add_page() failed (git-fixes).
- block/bio-integrity: fix a memory leak bug (git-fixes).
- block/swim: Check drive type (git-fixes).
- block/swim: Do not log an error message for an invalid ioctl (git-fixes).
- block/swim: Fix IO error at end of medium (git-fixes).
- block/swim: Rename macros to avoid inconsistent inverted logic (git-fixes).
- block/swim: Select appropriate drive on device open (git-fixes).
- block: Fix use-after-free issue accessing struct io_cq (git-fixes).
- block: add a lower-level bio_add_page interface (git-fixes).
- block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#1208541).
- block: fix memleak when __blk_rq_map_user_iov() is failed (git-fixes).
- block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR (git-fixes).
- brd: check and limit max_part par (git-fixes).
- compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES (git-fixes).
- constraints: increase disk space for all architectures References: bsc#1203693 aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is very close to the limit.
- cpu/hotplug: Fix 'SMT disabled by BIOS' detection for KVM (git-fixes).
- cryptoloop: add a deprecation warning (git-fixes).
- d6810d730022 ('memcg, THP, swap: make mem_cgroup_swapout() support THP')
- dm bio record: save/restore bi_end_io and bi_integrity (git-fixes).
- dm btree: add a defensive bounds check to insert_at() (git-fixes).
- dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort (git-fixes).
- dm cache: Fix UAF in destroy() (git-fixes).
- dm cache: set needs_check flag after aborting metadata (git-fixes).
- dm crypt: use u64 instead of sector_t to store iv_offset (git-fixes).
- dm flakey: Properly corrupt multi-page bios (git-fixes).
- dm ioctl: fix misbehavior if list_versions races with module loading (git-fixes).
- dm ioctl: prevent potential spectre v1 gadget (git-fixes).
- dm kcopyd: Fix bug causing workqueue stalls (git-fixes).
- dm raid: avoid bitmap with raid4/5/6 journal device (git-fixes).
- dm space map common: add bounds check to sm_ll_lookup_bitmap() (git-fixes).
- dm space maps: do not reset space map allocation cursor when committing (git-fixes).
- dm table: Remove BUG_ON(in_interrupt()) (git-fixes).
- dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (git-fixes).
- dm thin: Fix UAF in run_timer_softirq() (git-fixes).
- dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
- dm thin: add sanity checks to thin-pool and external snapshot creation (git-fixes).
- dm thin: resume even if in FAIL mode (git-fixes).
- dm verity: skip verity work if I/O error when system is shutting down (git-fixes).
- dm verity: use message limit for data block corruption message (git-fixes).
- dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone (git-fixes).
- dm: Use kzalloc for all structs with embedded biosets/mempools (git-fixes).
- do not dump the threads that had been already exiting when zapped (git-fixes).
- drbd: Change drbd_request_detach_interruptible's return type to int (git-fixes).
- drbd: destroy workqueue when drbd device was freed (git-fixes).
- drbd: do not block when adjusting 'disk-options' while IO is frozen (git-fixes).
- drbd: dynamically allocate shash descriptor (git-fixes).
- drbd: fix potential silent data corruption (git-fixes).
- drbd: fix print_st_err()'s prototype to match the definition (git-fixes).
- drbd: ignore 'all zero' peer volume sizes in handshake (git-fixes).
- drbd: reject attach of unsuitable uuids even if connected (git-fixes).
- drbd: remove usage of list iterator variable after loop (git-fixes).
- drbd: use after free in drbd_create_device() (git-fixes).
- drivers/block/zram/zram_drv.c: fix bug storing backing_dev (git-fixes).
- drivers:md:fix a potential use-after-free bug (git-fixes).
- ext4: Detect already used quota file early (bsc#1206873).
- ext4: Fixup pages without buffers (bsc#1205495).
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- ext4: add reserved GDT blocks check (bsc#1202712).
- ext4: avoid crash when inline data creation follows DIO write (bsc#1206883).
- ext4: avoid resizing to a partial cluster size (bsc#1206880).
- ext4: clear mmp sequence number when remounting read-only (bsc#1207093).
- ext4: continue to expand file system when the target size does not reach (bsc#1206882).
- ext4: correct max_inline_xattr_value_size computing (bsc#1206878).
- ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).
- ext4: do not BUG if someone dirty pages without asking ext4 first (bsc#1207097).
- ext4: fix a data race at inode->i_disksize (bsc#1206855).
- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bsc#1207092).
- ext4: fix extent status tree race in writeback error recovery path (bsc#1206877).
- ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).
- ext4: fix race when reusing xattr blocks (bsc#1198971).
- ext4: fix undefined behavior in bit shift for ext4_check_flag_values (bsc#1206890).
- ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).
- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).
- ext4: fix warning in 'ext4_da_release_space' (bsc#1206887).
- ext4: make ext4_lazyinit_thread freezable (bsc#1206885).
- ext4: prohibit fstrim in norecovery mode (bsc#1207094).
- ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713).
- ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).
- ext4: update s_overhead_clusters in the superblock during an on-line resize (bsc#1206876).
- ext4: use matching invalidatepage in ext4_writepage (bsc#1206858).
- floppy: Add max size check for user space request (git-fixes).
- ftrace: Enable trampoline when rec count returns back to one (git-fixes).
- ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() (git-fixes).
- ftrace: Fix updating FTRACE_FL_TRAMP (git-fixes).
- ftrace: fpid_next() should increase position index (git-fixes).
- git_sort: add usb-linus branch for gregkh/usb
- gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (git-fixes).
- hid: betop: check shape of output reports (git-fixes, bsc#1207186).
- hid: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes, bsc#1207186).
- hid: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).
- iforce: restore old iforce_dump_packet (git-fixes).
- input: convert autorepeat timer to use timer_setup() (git-fixes).
- input: do not use WARN() in input_alloc_absinfo() (git-fixes).
- input: i8042 - Add quirk for Fujitsu Lifebook T725 (git-fixes).
- input: iforce - reformat the packet dump output (git-fixes).
- input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes). Heavily modified, as prerequisites for taking it as is would utterly ruin kABI
- input: replace hard coded string with __func__ in pr_err() (git-fixes).
- input: switch to using sizeof(*type) when allocating memory (git-fixes).
- input: use seq_putc() in input_seq_print_bitmap() (git-fixes).
- input: use seq_puts() in input_devices_seq_show() (git-fixes).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).
- ipmi: Move remove_work to dedicated workqueue (git-fixes).
- ipmi: fix memleak when unload ipmi driver (git-fixes).
- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
- isofs: reject hardware sector size > 2048 bytes (bsc#1207103).
- jbd2: use the correct print format (git-fixes).
- kABI: cpu/hotplug: reexport cpu_smt_control (kabi).
- kbuild: clear LDFLAGS in the top Makefile (bsc#1203200).
- kernel/sys.c: avoid copying possible padding bytes in copy_to_user (git-fixes).
- kprobes, x86/alternatives: Use text_mutex to protect smp_alt_modules (git-fixes).
- kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack (git-fixes).
- loop: Add LOOP_SET_DIRECT_IO to compat ioctl (git-fixes).
- loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
- m68k/mac: Do not remap SWIM MMIO region (git-fixes).
- makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
- mbcache: add functions to delete entry if unused (bsc#1198971).
- mbcache: do not reclaim used entries (bsc#1198971).
- md/raid1: stop mdx_raid1 thread when raid1 array run failed (git-fixes).
- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
- md: fix a crash in mempool_free (git-fixes).
- md: protect md_unregister_thread from reentrancy (git-fixes).
- memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure (bsc#1208108).
- mm/filemap.c: clear page error before actual read (bsc#1206635).
- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449, bsc#1204356, bsc#1204662).
- nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag (git-fixes).
- nbd: Fix NULL pointer in flush_workqueue (git-fixes).
- nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (git-fixes).
- nbd: add a flush_workqueue in nbd_start_device (git-fixes).
- nbd: add missing config put (git-fixes).
- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
- nbd: do not requeue the same request twice (git-fixes).
- nbd: fix a block_device refcount leak in nbd_release (git-fixes).
- nbd: fix crash when the blksize is zero (git-fixes).
- nbd: fix io hung while disconnecting device (git-fixes).
- nbd: fix max number of supported devs (git-fixes).
- nbd: fix possible sysfs duplicate warning (git-fixes).
- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
- nbd: fix shutdown and recv work deadlock v2 (git-fixes).
- nbd: handle racing with error'ed out commands (git-fixes).
- nbd: handle unexpected replies better (git-fixes).
- nbd: make the config put is called before the notifying the waiter (git-fixes).
- nbd: verify socket is supported during setup (git-fixes).
- nbd:fix memory leak in nbd_get_socket() (git-fixes).
- net/ethernet/freescale: rework quiesce/activate for ucc_geth (git-fixes).
- net/mlx5e: Set of completion request bit should not clear other adjacent bits (git-fixes).
- net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).
- net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).
- net: allwinner: Fix use correct return type for ndo_start_xmit() (git-fixes).
- net: bcmgenet: suppress warnings on failed Rx SKB allocations (git-fixes).
- net: bmac: Fix read of MAC address from ROM (git-fixes).
- net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans (git-fixes).
- net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
- net: qed*: Reduce RX and TX default ring count when running inside kdump kernel (git-fixes).
- net: stmmac: Fix sub-second increment (git-fixes).
- net: systemport: suppress warnings on failed Rx SKB allocations (git-fixes).
- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).
- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (git-fixes).
- net: usb: lan78xx: do not modify phy_device state concurrently (git-fixes).
- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- net: usb: sr9700: Handle negative len (git-fixes).
- null_blk: Handle null_add_dev() failures properly (git-fixes).
- null_blk: fix spurious IO errors after failed past-wp access (git-fixes).
- panic: unset panic_on_warn inside panic() (git-fixes).
- parisc: Fix HP SDC hpa address output (git-fixes).
- parisc: Fix serio address output (git-fixes).
- pci/aspm: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
- pci/aspm: Declare threshold_ns as u32, not u64 (git-fixes).
- pci/sysfs: Fix double free in error path (git-fixes).
- pci: Check for alloc failure in pci_request_irq() (git-fixes).
- pci: Fix pci_device_is_present() for VFs by checking PF (git-fixes).
- pci: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).
- pci: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).
- prlimit: do_prlimit needs to have a speculation check (git-fixes).
- ps3disk: use the default segment boundary (git-fixes).
- ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (git-fixes).
- quota: Check next/prev free block number after reading from quota file (bsc#1206640).
- quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls (bsc#1207104).
- revert 'blkdev: check for valid request queue before issuing flush' (git-fixes).
- revert 'dm cache: fix arm link errors with inline' (git-fixes).
- revert 'scsi: core: run queue if SCSI device queue isn't ready and queue is idle' (git-fixes).
- rpm/check-for-config-changes: add OBJTOOL and FTRACE_MCOUNT_USE_* Dummy gcc pretends to support -mrecord-mcount option but actual gcc on ppc64le does not. Therefore ppc64le builds of 6.2-rc1 and later in OBS enable FTRACE_MCOUNT_USE_OBJTOOL and OBJTOOL config options, resulting in check failure. As we already have FTRACE_MCOUNT_USE_CC and FTRACE_MCOUNT_USE_RECORDMCOUNT in the exception list, replace them with a general pattern. And add OBJTOOL as well.
- rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.
- rpm/kernel-binary.spec.in: Add Enhances and Supplements tags to in-tree KMPs This makes in-tree KMPs more consistent with externally built KMPs and silences several rpmlint warnings.
- rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage
- rsxx: add missed destroy_workqueue calls in remove (git-fixes).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
- sbitmap: fix lockup while swapping (bsc#1206602).
- scripts/CKC: Do not use empty branches file Do not use it and do not write neither.
- scripts/CKC: Make checker more specific
- scripts/CKC: Make checker script download branches.conf Requires curl, downloads and caches the branches.conf file.
- scripts/CKC: do not output from shopt shopt outputs the status of the flag, so that git grep looks like: git grep -qi 'nocasematch off ^References:.*bsc#1202195' remotes/origin/SLE15-SP2-RT -- 'patches.*' I do not know how it can work (it does -- maybe thanks to ^), but it's not definitely OK. So make shopt in term2regex() quiet.
- scripts/CKC: simplify print_branch AFAIU, it's simply: printf '%-23s'
- scripts/CKC: store local branches with $USER prefix So that on shared machines, it can be overwritten when expires.
- scripts/CKC: test accepts only =, not == And put $1 into '' too.
- scripts/git_sort/git_sort.py: Add arm-soc for-next tree.
- scripts/wd-functions.sh: fix get_branch_name() in worktree Instead of using a hard-coded path for the git directory, use git rev-parse with --git-dir flag, introduced since 0.99.7, to find the git directory so branch name can be correctly detected while in git worktrees.
- scsi: fcoe: Fix possible name leak when device_register() fails (git-fixes).
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (git-fixes).
- scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
- scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (git-fixes).
- scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).
- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).
- scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).
- scsi: qla2xxx: Fix erroneous link down (bsc#1208570).
- scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).
- scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#1208570).
- scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).
- scsi: qla2xxx: Fix printk() format string (bsc#1208570).
- scsi: qla2xxx: Fix stalled login (bsc#1208570).
- scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#1208570).
- scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).
- scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).
- scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).
- scsi: qla2xxx: Remove dead code (bsc#1208570).
- scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).
- scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).
- scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).
- scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called (bsc#1208570).
- scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).
- scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).
- scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).
- scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#1208570).
- scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).
- scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#1208570).
- scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).
- scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).
- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (git-fixes).
- scsi: smartpqi: use processor ID for hwqueue for non-mq case .
- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
- scsi: target: core: Add CONTROL field for trace events (git-fixes).
- sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).
- signal handling: do not use BUG_ON() for debugging (git-fixes).
- struct dwc3: move new members to the end (git-fixes).
- sunrpc: make lockless test safe (bsc#1207201).
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (git-fixes).
- swim: fix cleanup on setup error (git-fixes).
- tracing/cfi: Fix cmp_entries_* functions signature mismatch (git-fixes).
- tracing: Adding NULL checks for trace_array descriptor pointer (git-fixes).
- tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
- tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
- tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line (git-fixes).
- tracing: Fix sleeping function called from invalid context on RT kernel (git-fixes).
- tracing: Fix stack trace event size (git-fixes).
- tracing: Fix tp_printk option related with tp_printk_stop_on_boot (git-fixes).
- tracing: Make sure trace_printk() can output as soon as it can be used (git-fixes).
- tracing: Set kernel_stack's caller size properly (git-fixes).
- tracing: Use address-of operator on section symbols (git-fixes).
- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (git-fixes).
- trigger_next should increase position index (git-fixes).
- udf: Avoid accessing uninitialized data on failed inode read (bsc#1206642).
- udf: Check LVID earlier (bsc#1207108).
- udf: Fix BUG on corrupted inode (bsc#1207107).
- udf: Fix NULL pointer dereference in udf_symlink function (bsc#1206646).
- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
- udf: Fix free space reporting for metadata and virtual partitions (bsc#1206641).
- udf: Limit sparing table size (bsc#1206643).
- udf: fix silent AED tagLocation corruption (bsc#1206645).
- udf_get_extendedattr() had no boundary checks (bsc#1206648).
- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
- usb: dwc3: core: Call dwc3_core_get_phy() before initializing phys (git-fixes).
- usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume (git-fixes).
- usb: dwc3: core: initialize ULPI before trying to get the PHY (git-fixes).
- usb: dwc3: fix PHY disable sequence (git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).
- usb: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
- virtio-blk: Fix memory leak among suspend/resume procedure (git-fixes).
- virtio_console: break out of buf poll on remove (git-fixes).
- virtio_console: eliminate anonymous module_init & module_exit (git-fixes).
- x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk (git-fixes).
- x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models (git-fixes).
- x86/asm: Add instruction suffixes to bitops (git-fixes).
- x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates (git-fixes).
- x86/bugs: Move the l1tf function and define pr_fmt properly (git-fixes).
- x86/earlyprintk: Add a force option for pciserial device (git-fixes).
- x86/entry/64: Add instruction suffix (git-fixes).
- x86/fpu: Add might_fault() to user_insn() (git-fixes).
- x86/hpet: Prevent potential NULL pointer dereference (git-fixes).
- x86/kexec: Do not setup EFI info if EFI runtime is not enabled (git-fixes).
- x86/mce-inject: Reset injection struct after injection (git-fixes).
- x86/mce/mce-inject: Preset the MCE injection struct (git-fixes).
- x86/mce: Fix -Wmissing-prototypes warnings (git-fixes).
- x86/mm: Do not leak kernel addresses (git-fixes).
- x86/speculation: Add support for STIBP always-on preferred mode (git-fixes).
- x86/speculation: Change misspelled STIPB to STIBP (git-fixes).
- x86: boot: Fix EFI stub alignment (git-fixes).
- x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
- xen-netfront: Fix hang on device removal (bsc#1206698).
- xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init (git-fixes).
- xfs: Fix bulkstat compat ioctls on x32 userspace (git-fixes).
- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-fixes).
- xfs: fix attr leaf header freemap.size underflow (git-fixes).
- xfs: fix leaks on corruption errors in xfs_bmap.c (git-fixes).
- xfs: fix mount failure crash on invalid iclog memory access (git-fixes).
- xfs: fix partially uninitialized structure in xfs_reflink_remap_extent (git-fixes).
- xfs: fix realtime bitmap/summary file truncation when growing rt volume (git-fixes).
- xfs: fix use-after-free race in xfs_buf_rele (git-fixes).
- xfs: initialize the shortform attr header padding entry (git-fixes).
- xfs: make sure the rt allocator does not run off the end (git-fixes).
- xfs: require both realtime inodes to mount (git-fixes).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
- zram: fix double free backing device (git-fixes).
Patchnames
SUSE-2023-634,SUSE-SLE-HA-12-SP5-2023-634,SUSE-SLE-Live-Patching-12-SP5-2023-634,SUSE-SLE-SDK-12-SP5-2023-634,SUSE-SLE-SERVER-12-SP5-2023-634,SUSE-SLE-WE-12-SP5-2023-634
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2017-5754: Fixed speculative side channel attacks on various CPU platforms (bsc#1068032).\n- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).\n- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).\n- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem that could lead a local user to crash the system (bsc#1206664).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207134).\n- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem (bsc#1207237).\n\nThe following non-security bugs were fixed:\n\n- add 00f3ca2c2d66 (\u0027mm: memcontrol: per-lruvec stats infrastructure\u0027)\n- add 0b3d6e6f2dd0 mm: writeback: use exact memcg dirty counts\n- add 168e06f7937d kernel/hung_task.c: force console verbose before panic\n- add 1f4aace60b0e (\u0027fs/seq_file.c: simplify seq_file iteration code and interface\u0027)\n- add 304ae42739b1 kernel/hung_task.c: break RCU locks based on jiffies\n- add 401c636a0eeb kernel/hung_task.c: show all hung tasks before panic\n- add Tegra repository to git_sort.\n- add a1c6ca3c6de7 kernel: hung_task.c: disable on suspend\n- add c3cc39118c36 mm: memcontrol: fix NR_WRITEBACK leak in memcg and system stats\n- add c892fd82cc06 mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create()\n- add e27be240df53 mm: memcg: make sure memory.events is uptodate when waking pollers\n- add support for enabling livepatching related packages on -RT (jsc#PED-1706)\n- add suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149)\n- amiflop: clean up on errors during setup (git-fixes).\n- audit: ensure userspace is penalized the same as the kernel when under pressure (bsc#1204514).\n- audit: improve robustness of the audit queue handling (bsc#1204514).\n- bcache: fix super block seq numbers comparision in register_cache_set() (git-fixes).\n- blk-cgroup: Fix memleak on error path (git-fixes).\n- blk-cgroup: Pre-allocate tree node on blkg_conf_prep (git-fixes).\n- blk-cgroup: fix missing put device in error path from blkg_conf_pref() (git-fixes).\n- blk-mq: fix possible memleak when register \u0027hctx\u0027 failed (git-fixes).\n- blk-mq: insert request not through -\u003equeue_rq into sw/scheduler queue (git-fixes).\n- blk-mq: move cancel of requeue_work into blk_mq_release (git-fixes).\n- blktrace: Fix output non-blktrace event when blk_classic option enabled (git-fixes).\n- blktrace: break out of blktrace setup on concurrent calls (git-fixes).\n- blktrace: ensure our debugfs dir exists (git-fixes).\n- blktrace: fix endianness for blk_log_remap() (git-fixes).\n- blktrace: fix endianness in get_pdu_int() (git-fixes).\n- blktrace: use errno instead of bi_status (git-fixes).\n- block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (bsc#1175995,jsc#SLE-15608).\n- block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (git-fixes).\n- block, bfq: increase idling for weight-raised queues (git-fixes).\n- block, bfq: protect \u0027bfqd-\u003equeued\u0027 by \u0027bfqd-\u003elock\u0027 (bsc#1207102).\n- block, bfq: protect \u0027bfqd-\u003equeued\u0027 by \u0027bfqd-\u003elock\u0027 (git-fixes).\n- block/bio-integrity: do not free \u0027buf\u0027 if bio_integrity_add_page() failed (git-fixes).\n- block/bio-integrity: fix a memory leak bug (git-fixes).\n- block/swim: Check drive type (git-fixes).\n- block/swim: Do not log an error message for an invalid ioctl (git-fixes).\n- block/swim: Fix IO error at end of medium (git-fixes).\n- block/swim: Rename macros to avoid inconsistent inverted logic (git-fixes).\n- block/swim: Select appropriate drive on device open (git-fixes).\n- block: Fix use-after-free issue accessing struct io_cq (git-fixes).\n- block: add a lower-level bio_add_page interface (git-fixes).\n- block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#1208541).\n- block: fix memleak when __blk_rq_map_user_iov() is failed (git-fixes).\n- block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR (git-fixes).\n- brd: check and limit max_part par (git-fixes).\n- compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES (git-fixes).\n- constraints: increase disk space for all architectures References: bsc#1203693 aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is very close to the limit.\n- cpu/hotplug: Fix \u0027SMT disabled by BIOS\u0027 detection for KVM (git-fixes).\n- cryptoloop: add a deprecation warning (git-fixes).\n- d6810d730022 (\u0027memcg, THP, swap: make mem_cgroup_swapout() support THP\u0027)\n- dm bio record: save/restore bi_end_io and bi_integrity (git-fixes).\n- dm btree: add a defensive bounds check to insert_at() (git-fixes).\n- dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort (git-fixes).\n- dm cache: Fix UAF in destroy() (git-fixes).\n- dm cache: set needs_check flag after aborting metadata (git-fixes).\n- dm crypt: use u64 instead of sector_t to store iv_offset (git-fixes).\n- dm flakey: Properly corrupt multi-page bios (git-fixes).\n- dm ioctl: fix misbehavior if list_versions races with module loading (git-fixes).\n- dm ioctl: prevent potential spectre v1 gadget (git-fixes).\n- dm kcopyd: Fix bug causing workqueue stalls (git-fixes).\n- dm raid: avoid bitmap with raid4/5/6 journal device (git-fixes).\n- dm space map common: add bounds check to sm_ll_lookup_bitmap() (git-fixes).\n- dm space maps: do not reset space map allocation cursor when committing (git-fixes).\n- dm table: Remove BUG_ON(in_interrupt()) (git-fixes).\n- dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (git-fixes).\n- dm thin: Fix UAF in run_timer_softirq() (git-fixes).\n- dm thin: Use last transaction\u0027s pmd-\u003eroot when commit failed (git-fixes).\n- dm thin: add sanity checks to thin-pool and external snapshot creation (git-fixes).\n- dm thin: resume even if in FAIL mode (git-fixes).\n- dm verity: skip verity work if I/O error when system is shutting down (git-fixes).\n- dm verity: use message limit for data block corruption message (git-fixes).\n- dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone (git-fixes).\n- dm: Use kzalloc for all structs with embedded biosets/mempools (git-fixes).\n- do not dump the threads that had been already exiting when zapped (git-fixes).\n- drbd: Change drbd_request_detach_interruptible\u0027s return type to int (git-fixes).\n- drbd: destroy workqueue when drbd device was freed (git-fixes).\n- drbd: do not block when adjusting \u0027disk-options\u0027 while IO is frozen (git-fixes).\n- drbd: dynamically allocate shash descriptor (git-fixes).\n- drbd: fix potential silent data corruption (git-fixes).\n- drbd: fix print_st_err()\u0027s prototype to match the definition (git-fixes).\n- drbd: ignore \u0027all zero\u0027 peer volume sizes in handshake (git-fixes).\n- drbd: reject attach of unsuitable uuids even if connected (git-fixes).\n- drbd: remove usage of list iterator variable after loop (git-fixes).\n- drbd: use after free in drbd_create_device() (git-fixes).\n- drivers/block/zram/zram_drv.c: fix bug storing backing_dev (git-fixes).\n- drivers:md:fix a potential use-after-free bug (git-fixes).\n- ext4: Detect already used quota file early (bsc#1206873).\n- ext4: Fixup pages without buffers (bsc#1205495).\n- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).\n- ext4: add reserved GDT blocks check (bsc#1202712).\n- ext4: avoid crash when inline data creation follows DIO write (bsc#1206883).\n- ext4: avoid resizing to a partial cluster size (bsc#1206880).\n- ext4: clear mmp sequence number when remounting read-only (bsc#1207093).\n- ext4: continue to expand file system when the target size does not reach (bsc#1206882).\n- ext4: correct max_inline_xattr_value_size computing (bsc#1206878).\n- ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).\n- ext4: do not BUG if someone dirty pages without asking ext4 first (bsc#1207097).\n- ext4: fix a data race at inode-\u003ei_disksize (bsc#1206855).\n- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bsc#1207092).\n- ext4: fix extent status tree race in writeback error recovery path (bsc#1206877).\n- ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).\n- ext4: fix race when reusing xattr blocks (bsc#1198971).\n- ext4: fix undefined behavior in bit shift for ext4_check_flag_values (bsc#1206890).\n- ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).\n- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).\n- ext4: fix warning in \u0027ext4_da_release_space\u0027 (bsc#1206887).\n- ext4: make ext4_lazyinit_thread freezable (bsc#1206885).\n- ext4: prohibit fstrim in norecovery mode (bsc#1207094).\n- ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713).\n- ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n- ext4: update s_overhead_clusters in the superblock during an on-line resize (bsc#1206876).\n- ext4: use matching invalidatepage in ext4_writepage (bsc#1206858).\n- floppy: Add max size check for user space request (git-fixes).\n- ftrace: Enable trampoline when rec count returns back to one (git-fixes).\n- ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() (git-fixes).\n- ftrace: Fix updating FTRACE_FL_TRAMP (git-fixes).\n- ftrace: fpid_next() should increase position index (git-fixes).\n- git_sort: add usb-linus branch for gregkh/usb\n- gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (git-fixes).\n- hid: betop: check shape of output reports (git-fixes, bsc#1207186).\n- hid: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes, bsc#1207186).\n- hid: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).\n- iforce: restore old iforce_dump_packet (git-fixes).\n- input: convert autorepeat timer to use timer_setup() (git-fixes).\n- input: do not use WARN() in input_alloc_absinfo() (git-fixes).\n- input: i8042 - Add quirk for Fujitsu Lifebook T725 (git-fixes).\n- input: iforce - reformat the packet dump output (git-fixes).\n- input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes). Heavily modified, as prerequisites for taking it as is would utterly ruin kABI\n- input: replace hard coded string with __func__ in pr_err() (git-fixes).\n- input: switch to using sizeof(*type) when allocating memory (git-fixes).\n- input: use seq_putc() in input_seq_print_bitmap() (git-fixes).\n- input: use seq_puts() in input_devices_seq_show() (git-fixes).\n- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).\n- ipmi: Move remove_work to dedicated workqueue (git-fixes).\n- ipmi: fix memleak when unload ipmi driver (git-fixes).\n- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).\n- isofs: reject hardware sector size \u003e 2048 bytes (bsc#1207103).\n- jbd2: use the correct print format (git-fixes).\n- kABI: cpu/hotplug: reexport cpu_smt_control (kabi).\n- kbuild: clear LDFLAGS in the top Makefile (bsc#1203200).\n- kernel/sys.c: avoid copying possible padding bytes in copy_to_user (git-fixes).\n- kprobes, x86/alternatives: Use text_mutex to protect smp_alt_modules (git-fixes).\n- kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack (git-fixes).\n- loop: Add LOOP_SET_DIRECT_IO to compat ioctl (git-fixes).\n- loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).\n- m68k/mac: Do not remap SWIM MMIO region (git-fixes).\n- makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).\n- mbcache: add functions to delete entry if unused (bsc#1198971).\n- mbcache: do not reclaim used entries (bsc#1198971).\n- md/raid1: stop mdx_raid1 thread when raid1 array run failed (git-fixes).\n- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).\n- md: fix a crash in mempool_free (git-fixes).\n- md: protect md_unregister_thread from reentrancy (git-fixes).\n- memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure (bsc#1208108).\n- mm/filemap.c: clear page error before actual read (bsc#1206635).\n- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449, bsc#1204356, bsc#1204662).\n- nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag (git-fixes).\n- nbd: Fix NULL pointer in flush_workqueue (git-fixes).\n- nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (git-fixes).\n- nbd: add a flush_workqueue in nbd_start_device (git-fixes).\n- nbd: add missing config put (git-fixes).\n- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).\n- nbd: do not requeue the same request twice (git-fixes).\n- nbd: fix a block_device refcount leak in nbd_release (git-fixes).\n- nbd: fix crash when the blksize is zero (git-fixes).\n- nbd: fix io hung while disconnecting device (git-fixes).\n- nbd: fix max number of supported devs (git-fixes).\n- nbd: fix possible sysfs duplicate warning (git-fixes).\n- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).\n- nbd: fix shutdown and recv work deadlock v2 (git-fixes).\n- nbd: handle racing with error\u0027ed out commands (git-fixes).\n- nbd: handle unexpected replies better (git-fixes).\n- nbd: make the config put is called before the notifying the waiter (git-fixes).\n- nbd: verify socket is supported during setup (git-fixes).\n- nbd:fix memory leak in nbd_get_socket() (git-fixes).\n- net/ethernet/freescale: rework quiesce/activate for ucc_geth (git-fixes).\n- net/mlx5e: Set of completion request bit should not clear other adjacent bits (git-fixes).\n- net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).\n- net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).\n- net: allwinner: Fix use correct return type for ndo_start_xmit() (git-fixes).\n- net: bcmgenet: suppress warnings on failed Rx SKB allocations (git-fixes).\n- net: bmac: Fix read of MAC address from ROM (git-fixes).\n- net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans (git-fixes).\n- net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).\n- net: qed*: Reduce RX and TX default ring count when running inside kdump kernel (git-fixes).\n- net: stmmac: Fix sub-second increment (git-fixes).\n- net: systemport: suppress warnings on failed Rx SKB allocations (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (git-fixes).\n- net: usb: lan78xx: do not modify phy_device state concurrently (git-fixes).\n- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).\n- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).\n- net: usb: sr9700: Handle negative len (git-fixes).\n- null_blk: Handle null_add_dev() failures properly (git-fixes).\n- null_blk: fix spurious IO errors after failed past-wp access (git-fixes).\n- panic: unset panic_on_warn inside panic() (git-fixes).\n- parisc: Fix HP SDC hpa address output (git-fixes).\n- parisc: Fix serio address output (git-fixes).\n- pci/aspm: Correct LTR_L1.2_THRESHOLD computation (git-fixes).\n- pci/aspm: Declare threshold_ns as u32, not u64 (git-fixes).\n- pci/sysfs: Fix double free in error path (git-fixes).\n- pci: Check for alloc failure in pci_request_irq() (git-fixes).\n- pci: Fix pci_device_is_present() for VFs by checking PF (git-fixes).\n- pci: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).\n- pci: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).\n- prlimit: do_prlimit needs to have a speculation check (git-fixes).\n- ps3disk: use the default segment boundary (git-fixes).\n- ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (git-fixes).\n- quota: Check next/prev free block number after reading from quota file (bsc#1206640).\n- quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls (bsc#1207104).\n- revert \u0027blkdev: check for valid request queue before issuing flush\u0027 (git-fixes).\n- revert \u0027dm cache: fix arm link errors with inline\u0027 (git-fixes).\n- revert \u0027scsi: core: run queue if SCSI device queue isn\u0027t ready and queue is idle\u0027 (git-fixes).\n- rpm/check-for-config-changes: add OBJTOOL and FTRACE_MCOUNT_USE_* Dummy gcc pretends to support -mrecord-mcount option but actual gcc on ppc64le does not. Therefore ppc64le builds of 6.2-rc1 and later in OBS enable FTRACE_MCOUNT_USE_OBJTOOL and OBJTOOL config options, resulting in check failure. As we already have FTRACE_MCOUNT_USE_CC and FTRACE_MCOUNT_USE_RECORDMCOUNT in the exception list, replace them with a general pattern. And add OBJTOOL as well.\n- rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.\n- rpm/kernel-binary.spec.in: Add Enhances and Supplements tags to in-tree KMPs This makes in-tree KMPs more consistent with externally built KMPs and silences several rpmlint warnings.\n- rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage\n- rsxx: add missed destroy_workqueue calls in remove (git-fixes).\n- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).\n- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).\n- sbitmap: fix lockup while swapping (bsc#1206602).\n- scripts/CKC: Do not use empty branches file Do not use it and do not write neither.\n- scripts/CKC: Make checker more specific\n- scripts/CKC: Make checker script download branches.conf Requires curl, downloads and caches the branches.conf file.\n- scripts/CKC: do not output from shopt shopt outputs the status of the flag, so that git grep looks like: git grep -qi \u0027nocasematch off ^References:.*bsc#1202195\u0027 remotes/origin/SLE15-SP2-RT -- \u0027patches.*\u0027 I do not know how it can work (it does -- maybe thanks to ^), but it\u0027s not definitely OK. So make shopt in term2regex() quiet.\n- scripts/CKC: simplify print_branch AFAIU, it\u0027s simply: printf \u0027%-23s\u0027\n- scripts/CKC: store local branches with $USER prefix So that on shared machines, it can be overwritten when expires.\n- scripts/CKC: test accepts only =, not == And put $1 into \u0027\u0027 too.\n- scripts/git_sort/git_sort.py: Add arm-soc for-next tree.\n- scripts/wd-functions.sh: fix get_branch_name() in worktree Instead of using a hard-coded path for the git directory, use git rev-parse with --git-dir flag, introduced since 0.99.7, to find the git directory so branch name can be correctly detected while in git worktrees.\n- scsi: fcoe: Fix possible name leak when device_register() fails (git-fixes).\n- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (git-fixes).\n- scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).\n- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).\n- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (git-fixes).\n- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).\n- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).\n- scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (git-fixes).\n- scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).\n- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).\n- scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).\n- scsi: qla2xxx: Fix erroneous link down (bsc#1208570).\n- scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).\n- scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#1208570).\n- scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).\n- scsi: qla2xxx: Fix printk() format string (bsc#1208570).\n- scsi: qla2xxx: Fix stalled login (bsc#1208570).\n- scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#1208570).\n- scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (bsc#1208570).\n- scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).\n- scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).\n- scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).\n- scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called (bsc#1208570).\n- scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).\n- scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).\n- scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).\n- scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#1208570).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).\n- scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#1208570).\n- scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).\n- scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).\n- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).\n- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (git-fixes).\n- scsi: smartpqi: use processor ID for hwqueue for non-mq case .\n- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).\n- scsi: target: core: Add CONTROL field for trace events (git-fixes).\n- sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).\n- signal handling: do not use BUG_ON() for debugging (git-fixes).\n- struct dwc3: move new members to the end (git-fixes).\n- sunrpc: make lockless test safe (bsc#1207201).\n- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (git-fixes).\n- swim: fix cleanup on setup error (git-fixes).\n- tracing/cfi: Fix cmp_entries_* functions signature mismatch (git-fixes).\n- tracing: Adding NULL checks for trace_array descriptor pointer (git-fixes).\n- tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).\n- tracing: Fix a kmemleak false positive in tracing_map (git-fixes).\n- tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line (git-fixes).\n- tracing: Fix sleeping function called from invalid context on RT kernel (git-fixes).\n- tracing: Fix stack trace event size (git-fixes).\n- tracing: Fix tp_printk option related with tp_printk_stop_on_boot (git-fixes).\n- tracing: Make sure trace_printk() can output as soon as it can be used (git-fixes).\n- tracing: Set kernel_stack\u0027s caller size properly (git-fixes).\n- tracing: Use address-of operator on section symbols (git-fixes).\n- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (git-fixes).\n- trigger_next should increase position index (git-fixes).\n- udf: Avoid accessing uninitialized data on failed inode read (bsc#1206642).\n- udf: Check LVID earlier (bsc#1207108).\n- udf: Fix BUG on corrupted inode (bsc#1207107).\n- udf: Fix NULL pointer dereference in udf_symlink function (bsc#1206646).\n- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).\n- udf: Fix free space reporting for metadata and virtual partitions (bsc#1206641).\n- udf: Limit sparing table size (bsc#1206643).\n- udf: fix silent AED tagLocation corruption (bsc#1206645).\n- udf_get_extendedattr() had no boundary checks (bsc#1206648).\n- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).\n- usb: dwc3: core: Call dwc3_core_get_phy() before initializing phys (git-fixes).\n- usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume (git-fixes).\n- usb: dwc3: core: initialize ULPI before trying to get the PHY (git-fixes).\n- usb: dwc3: fix PHY disable sequence (git-fixes).\n- usb: dwc3: gadget: Fix event pending check (git-fixes).\n- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).\n- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n- usb: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).\n- virtio-blk: Fix memory leak among suspend/resume procedure (git-fixes).\n- virtio_console: break out of buf poll on remove (git-fixes).\n- virtio_console: eliminate anonymous module_init \u0026 module_exit (git-fixes).\n- x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk (git-fixes).\n- x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models (git-fixes).\n- x86/asm: Add instruction suffixes to bitops (git-fixes).\n- x86/asm: Remove unnecessary \\n\\t in front of CC_SET() from asm templates (git-fixes).\n- x86/bugs: Move the l1tf function and define pr_fmt properly (git-fixes).\n- x86/earlyprintk: Add a force option for pciserial device (git-fixes).\n- x86/entry/64: Add instruction suffix (git-fixes).\n- x86/fpu: Add might_fault() to user_insn() (git-fixes).\n- x86/hpet: Prevent potential NULL pointer dereference (git-fixes).\n- x86/kexec: Do not setup EFI info if EFI runtime is not enabled (git-fixes).\n- x86/mce-inject: Reset injection struct after injection (git-fixes).\n- x86/mce/mce-inject: Preset the MCE injection struct (git-fixes).\n- x86/mce: Fix -Wmissing-prototypes warnings (git-fixes).\n- x86/mm: Do not leak kernel addresses (git-fixes).\n- x86/speculation: Add support for STIBP always-on preferred mode (git-fixes).\n- x86/speculation: Change misspelled STIPB to STIBP (git-fixes).\n- x86: boot: Fix EFI stub alignment (git-fixes).\n- x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).\n- xen-netfront: Fix hang on device removal (bsc#1206698).\n- xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init (git-fixes).\n- xfs: Fix bulkstat compat ioctls on x32 userspace (git-fixes).\n- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-fixes).\n- xfs: fix attr leaf header freemap.size underflow (git-fixes).\n- xfs: fix leaks on corruption errors in xfs_bmap.c (git-fixes).\n- xfs: fix mount failure crash on invalid iclog memory access (git-fixes).\n- xfs: fix partially uninitialized structure in xfs_reflink_remap_extent (git-fixes).\n- xfs: fix realtime bitmap/summary file truncation when growing rt volume (git-fixes).\n- xfs: fix use-after-free race in xfs_buf_rele (git-fixes).\n- xfs: initialize the shortform attr header padding entry (git-fixes).\n- xfs: make sure the rt allocator does not run off the end (git-fixes).\n- xfs: require both realtime inodes to mount (git-fixes).\n- xhci: Do not show warning for reinit on known broken suspend (git-fixes).\n- zram: fix double free backing device (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-634,SUSE-SLE-HA-12-SP5-2023-634,SUSE-SLE-Live-Patching-12-SP5-2023-634,SUSE-SLE-SDK-12-SP5-2023-634,SUSE-SLE-SERVER-12-SP5-2023-634,SUSE-SLE-WE-12-SP5-2023-634",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0634-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0634-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230634-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0634-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013982.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1175995",
"url": "https://bugzilla.suse.com/1175995"
},
{
"category": "self",
"summary": "SUSE Bug 1186449",
"url": "https://bugzilla.suse.com/1186449"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1198971",
"url": "https://bugzilla.suse.com/1198971"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1202195",
"url": "https://bugzilla.suse.com/1202195"
},
{
"category": "self",
"summary": "SUSE Bug 1202712",
"url": "https://bugzilla.suse.com/1202712"
},
{
"category": "self",
"summary": "SUSE Bug 1202713",
"url": "https://bugzilla.suse.com/1202713"
},
{
"category": "self",
"summary": "SUSE Bug 1203200",
"url": "https://bugzilla.suse.com/1203200"
},
{
"category": "self",
"summary": "SUSE Bug 1203332",
"url": "https://bugzilla.suse.com/1203332"
},
{
"category": "self",
"summary": "SUSE Bug 1203693",
"url": "https://bugzilla.suse.com/1203693"
},
{
"category": "self",
"summary": "SUSE Bug 1204356",
"url": "https://bugzilla.suse.com/1204356"
},
{
"category": "self",
"summary": "SUSE Bug 1204514",
"url": "https://bugzilla.suse.com/1204514"
},
{
"category": "self",
"summary": "SUSE Bug 1204662",
"url": "https://bugzilla.suse.com/1204662"
},
{
"category": "self",
"summary": "SUSE Bug 1205149",
"url": "https://bugzilla.suse.com/1205149"
},
{
"category": "self",
"summary": "SUSE Bug 1205397",
"url": "https://bugzilla.suse.com/1205397"
},
{
"category": "self",
"summary": "SUSE Bug 1205495",
"url": "https://bugzilla.suse.com/1205495"
},
{
"category": "self",
"summary": "SUSE Bug 1206602",
"url": "https://bugzilla.suse.com/1206602"
},
{
"category": "self",
"summary": "SUSE Bug 1206635",
"url": "https://bugzilla.suse.com/1206635"
},
{
"category": "self",
"summary": "SUSE Bug 1206640",
"url": "https://bugzilla.suse.com/1206640"
},
{
"category": "self",
"summary": "SUSE Bug 1206641",
"url": "https://bugzilla.suse.com/1206641"
},
{
"category": "self",
"summary": "SUSE Bug 1206642",
"url": "https://bugzilla.suse.com/1206642"
},
{
"category": "self",
"summary": "SUSE Bug 1206643",
"url": "https://bugzilla.suse.com/1206643"
},
{
"category": "self",
"summary": "SUSE Bug 1206645",
"url": "https://bugzilla.suse.com/1206645"
},
{
"category": "self",
"summary": "SUSE Bug 1206646",
"url": "https://bugzilla.suse.com/1206646"
},
{
"category": "self",
"summary": "SUSE Bug 1206648",
"url": "https://bugzilla.suse.com/1206648"
},
{
"category": "self",
"summary": "SUSE Bug 1206649",
"url": "https://bugzilla.suse.com/1206649"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE Bug 1206677",
"url": "https://bugzilla.suse.com/1206677"
},
{
"category": "self",
"summary": "SUSE Bug 1206698",
"url": "https://bugzilla.suse.com/1206698"
},
{
"category": "self",
"summary": "SUSE Bug 1206784",
"url": "https://bugzilla.suse.com/1206784"
},
{
"category": "self",
"summary": "SUSE Bug 1206855",
"url": "https://bugzilla.suse.com/1206855"
},
{
"category": "self",
"summary": "SUSE Bug 1206858",
"url": "https://bugzilla.suse.com/1206858"
},
{
"category": "self",
"summary": "SUSE Bug 1206873",
"url": "https://bugzilla.suse.com/1206873"
},
{
"category": "self",
"summary": "SUSE Bug 1206876",
"url": "https://bugzilla.suse.com/1206876"
},
{
"category": "self",
"summary": "SUSE Bug 1206877",
"url": "https://bugzilla.suse.com/1206877"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1206880",
"url": "https://bugzilla.suse.com/1206880"
},
{
"category": "self",
"summary": "SUSE Bug 1206882",
"url": "https://bugzilla.suse.com/1206882"
},
{
"category": "self",
"summary": "SUSE Bug 1206883",
"url": "https://bugzilla.suse.com/1206883"
},
{
"category": "self",
"summary": "SUSE Bug 1206884",
"url": "https://bugzilla.suse.com/1206884"
},
{
"category": "self",
"summary": "SUSE Bug 1206885",
"url": "https://bugzilla.suse.com/1206885"
},
{
"category": "self",
"summary": "SUSE Bug 1206887",
"url": "https://bugzilla.suse.com/1206887"
},
{
"category": "self",
"summary": "SUSE Bug 1206888",
"url": "https://bugzilla.suse.com/1206888"
},
{
"category": "self",
"summary": "SUSE Bug 1206890",
"url": "https://bugzilla.suse.com/1206890"
},
{
"category": "self",
"summary": "SUSE Bug 1207092",
"url": "https://bugzilla.suse.com/1207092"
},
{
"category": "self",
"summary": "SUSE Bug 1207093",
"url": "https://bugzilla.suse.com/1207093"
},
{
"category": "self",
"summary": "SUSE Bug 1207094",
"url": "https://bugzilla.suse.com/1207094"
},
{
"category": "self",
"summary": "SUSE Bug 1207097",
"url": "https://bugzilla.suse.com/1207097"
},
{
"category": "self",
"summary": "SUSE Bug 1207102",
"url": "https://bugzilla.suse.com/1207102"
},
{
"category": "self",
"summary": "SUSE Bug 1207103",
"url": "https://bugzilla.suse.com/1207103"
},
{
"category": "self",
"summary": "SUSE Bug 1207104",
"url": "https://bugzilla.suse.com/1207104"
},
{
"category": "self",
"summary": "SUSE Bug 1207107",
"url": "https://bugzilla.suse.com/1207107"
},
{
"category": "self",
"summary": "SUSE Bug 1207108",
"url": "https://bugzilla.suse.com/1207108"
},
{
"category": "self",
"summary": "SUSE Bug 1207134",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1207201",
"url": "https://bugzilla.suse.com/1207201"
},
{
"category": "self",
"summary": "SUSE Bug 1207237",
"url": "https://bugzilla.suse.com/1207237"
},
{
"category": "self",
"summary": "SUSE Bug 1207773",
"url": "https://bugzilla.suse.com/1207773"
},
{
"category": "self",
"summary": "SUSE Bug 1207795",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "self",
"summary": "SUSE Bug 1207875",
"url": "https://bugzilla.suse.com/1207875"
},
{
"category": "self",
"summary": "SUSE Bug 1208108",
"url": "https://bugzilla.suse.com/1208108"
},
{
"category": "self",
"summary": "SUSE Bug 1208541",
"url": "https://bugzilla.suse.com/1208541"
},
{
"category": "self",
"summary": "SUSE Bug 1208570",
"url": "https://bugzilla.suse.com/1208570"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5754 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-47929 page",
"url": "https://www.suse.com/security/cve/CVE-2022-47929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0266 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-03-07T10:35:44Z",
"generator": {
"date": "2023-03-07T10:35:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0634-1",
"initial_release_date": "2023-03-07T10:35:44Z",
"revision_history": [
{
"date": "2023-03-07T10:35:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.150.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.150.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.150.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.150.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.150.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.150.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.150.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.150.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.150.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.150.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.150.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.150.1.noarch",
"product_id": "kernel-devel-4.12.14-122.150.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.150.1.noarch",
"product_id": "kernel-docs-4.12.14-122.150.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.150.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.150.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.150.1.noarch",
"product_id": "kernel-macros-4.12.14-122.150.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.150.1.noarch",
"product_id": "kernel-source-4.12.14-122.150.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.150.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.150.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.150.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.150.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.150.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.150.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.150.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.150.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.150.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.150.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.150.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.150.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.150.1.s390x",
"product_id": "kernel-syms-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.150.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.150.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.150.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.150.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.150.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.150.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.150.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.150.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.150.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.150.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.150.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.150.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.150.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.150.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.150.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.150.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.150.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.150.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.150.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.150.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.150.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.150.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.150.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.150.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-122.150.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-122.150.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5754"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5754",
"url": "https://www.suse.com/security/cve/CVE-2017-5754"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075008 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1075008"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1115045 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1115045"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5754",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2017-5754"
},
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-36280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36280"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36280",
"url": "https://www.suse.com/security/cve/CVE-2022-36280"
},
{
"category": "external",
"summary": "SUSE Bug 1203332 for CVE-2022-36280",
"url": "https://bugzilla.suse.com/1203332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-47929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-47929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-47929",
"url": "https://www.suse.com/security/cve/CVE-2022-47929"
},
{
"category": "external",
"summary": "SUSE Bug 1207237 for CVE-2022-47929",
"url": "https://bugzilla.suse.com/1207237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-47929"
},
{
"cve": "CVE-2023-0045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0045"
}
],
"notes": [
{
"category": "general",
"text": "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0045",
"url": "https://www.suse.com/security/cve/CVE-2023-0045"
},
{
"category": "external",
"summary": "SUSE Bug 1207773 for CVE-2023-0045",
"url": "https://bugzilla.suse.com/1207773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "moderate"
}
],
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0266"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0266",
"url": "https://www.suse.com/security/cve/CVE-2023-0266"
},
{
"category": "external",
"summary": "SUSE Bug 1207134 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207134"
},
{
"category": "external",
"summary": "SUSE Bug 1207190 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1207190"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-0266",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "important"
}
],
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.150.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.150.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.150.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-07T10:35:44Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
}
]
}
suse-su-2022:3294-1
Vulnerability from csaf_suse
Published
2022-09-16 16:46
Modified
2022-09-16 16:46
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).
The following non-security bugs were fixed:
- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).
- mm, rmap: Fixed anon_vma->degree ambiguity leading to double-reuse (bsc#1203098).
- lightnvm: Removed lightnvm implemenation (bsc#1191881).
Patchnames
SUSE-2022-3294,SUSE-SLE-SERVER-12-SP2-BCL-2022-3294
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).\n- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).\n- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).\n- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).\n- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).\n- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).\n- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim\u0027s TCP session (bnc#1196616).\n- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).\n\nThe following non-security bugs were fixed:\n\n- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).\n- mm, rmap: Fixed anon_vma-\u003edegree ambiguity leading to double-reuse (bsc#1203098).\n- lightnvm: Removed lightnvm implemenation (bsc#1191881).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3294,SUSE-SLE-SERVER-12-SP2-BCL-2022-3294",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3294-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3294-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3294-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012274.html"
},
{
"category": "self",
"summary": "SUSE Bug 1133374",
"url": "https://bugzilla.suse.com/1133374"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1196616",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1201726",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "self",
"summary": "SUSE Bug 1201948",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "self",
"summary": "SUSE Bug 1202096",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "self",
"summary": "SUSE Bug 1202346",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "self",
"summary": "SUSE Bug 1202347",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "self",
"summary": "SUSE Bug 1202393",
"url": "https://bugzilla.suse.com/1202393"
},
{
"category": "self",
"summary": "SUSE Bug 1202897",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "self",
"summary": "SUSE Bug 1202898",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "self",
"summary": "SUSE Bug 1203098",
"url": "https://bugzilla.suse.com/1203098"
},
{
"category": "self",
"summary": "SUSE Bug 1203107",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3900 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36516 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20369 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2588 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36879 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39188 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39188/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-09-16T16:46:06Z",
"generator": {
"date": "2022-09-16T16:46:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3294-1",
"initial_release_date": "2022-09-16T16:46:06Z",
"revision_history": [
{
"date": "2022-09-16T16:46:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.188.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.188.1.aarch64",
"product_id": "cluster-network-kmp-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.188.1.aarch64",
"product_id": "dlm-kmp-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.188.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-default-4.4.121-92.188.1.aarch64",
"product_id": "kernel-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.121-92.188.1.aarch64",
"product_id": "kernel-default-base-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.121-92.188.1.aarch64",
"product_id": "kernel-default-devel-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.121-92.188.1.aarch64",
"product_id": "kernel-default-extra-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.188.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.121-92.188.1.aarch64",
"product_id": "kernel-obs-build-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.188.1.aarch64",
"product_id": "kernel-obs-qa-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-syms-4.4.121-92.188.1.aarch64",
"product_id": "kernel-syms-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "kernel-vanilla-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.188.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.188.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.188.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.188.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.188.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.121-92.188.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.aarch64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.188.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.188.1.noarch",
"product_id": "kernel-devel-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-docs-4.4.121-92.188.1.noarch",
"product_id": "kernel-docs-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.121-92.188.1.noarch",
"product_id": "kernel-docs-html-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.121-92.188.1.noarch",
"product_id": "kernel-docs-pdf-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.188.1.noarch",
"product_id": "kernel-macros-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.188.1.noarch",
"product_id": "kernel-source-4.4.121-92.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.121-92.188.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.121-92.188.1.noarch",
"product_id": "kernel-source-vanilla-4.4.121-92.188.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-network-kmp-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-network-kmp-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.188.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.121-92.188.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "dlm-kmp-vanilla-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.188.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.188.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-debug-base-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-default-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-default-base-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-default-devel-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-default-extra-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-obs-build-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-syms-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-vanilla-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.188.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.188.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.188.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.188.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.188.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.188.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.121-92.188.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.188.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.188.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.188.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.s390x",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.188.1.s390x",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.188.1.s390x",
"product_id": "cluster-network-kmp-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.s390x",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.188.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.121-92.188.1.s390x",
"product_id": "dlm-kmp-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.s390x",
"product_id": "dlm-kmp-vanilla-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.188.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.188.1.s390x",
"product_id": "gfs2-kmp-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.s390x",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-base-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-base-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-devel-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-extra-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-kgraft-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-default-man-4.4.121-92.188.1.s390x",
"product_id": "kernel-default-man-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.121-92.188.1.s390x",
"product_id": "kernel-obs-build-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.121-92.188.1.s390x",
"product_id": "kernel-obs-qa-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-syms-4.4.121-92.188.1.s390x",
"product_id": "kernel-syms-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.121-92.188.1.s390x",
"product_id": "kernel-vanilla-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.188.1.s390x",
"product_id": "kernel-vanilla-base-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.188.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.121-92.188.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.121-92.188.1.s390x",
"product_id": "kernel-zfcpdump-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.188.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.188.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.121-92.188.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.s390x",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.s390x",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.188.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.188.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.188.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.188.1.x86_64",
"product_id": "cluster-network-kmp-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.188.1.x86_64",
"product_id": "cluster-network-kmp-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.188.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.188.1.x86_64",
"product_id": "dlm-kmp-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.188.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.188.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-debug-4.4.121-92.188.1.x86_64",
"product_id": "kernel-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.121-92.188.1.x86_64",
"product_id": "kernel-debug-base-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.121-92.188.1.x86_64",
"product_id": "kernel-debug-devel-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.121-92.188.1.x86_64",
"product_id": "kernel-debug-extra-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.188.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.188.1.x86_64",
"product_id": "kernel-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.188.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.188.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.121-92.188.1.x86_64",
"product_id": "kernel-default-extra-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.188.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.121-92.188.1.x86_64",
"product_id": "kernel-obs-build-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.188.1.x86_64",
"product_id": "kernel-obs-qa-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.188.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "kernel-vanilla-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.188.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.188.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.188.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.188.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.188.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.121-92.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.188.1.x86_64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.188.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.188.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.188.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.188.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3900"
}
],
"notes": [
{
"category": "general",
"text": "An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3900",
"url": "https://www.suse.com/security/cve/CVE-2019-3900"
},
{
"category": "external",
"summary": "SUSE Bug 1133374 for CVE-2019-3900",
"url": "https://bugzilla.suse.com/1133374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "low"
}
],
"title": "CVE-2019-3900"
},
{
"cve": "CVE-2020-36516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36516"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim\u0027s TCP session or terminate that session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36516",
"url": "https://www.suse.com/security/cve/CVE-2020-36516"
},
{
"category": "external",
"summary": "SUSE Bug 1196616 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "external",
"summary": "SUSE Bug 1196867 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196867"
},
{
"category": "external",
"summary": "SUSE Bug 1204092 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204092"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "important"
}
],
"title": "CVE-2020-36516"
},
{
"cve": "CVE-2022-20368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20368"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20368",
"url": "https://www.suse.com/security/cve/CVE-2022-20368"
},
{
"category": "external",
"summary": "SUSE Bug 1202346 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "external",
"summary": "SUSE Bug 1212311 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1212311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-20369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20369"
}
],
"notes": [
{
"category": "general",
"text": "In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20369",
"url": "https://www.suse.com/security/cve/CVE-2022-20369"
},
{
"category": "external",
"summary": "SUSE Bug 1202347 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "external",
"summary": "SUSE Bug 1212321 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1212321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-20369"
},
{
"cve": "CVE-2022-21385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21385"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21385",
"url": "https://www.suse.com/security/cve/CVE-2022-21385"
},
{
"category": "external",
"summary": "SUSE Bug 1202897 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "external",
"summary": "SUSE Bug 1212285 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1212285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-21385"
},
{
"cve": "CVE-2022-2588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2588"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2588",
"url": "https://www.suse.com/security/cve/CVE-2022-2588"
},
{
"category": "external",
"summary": "SUSE Bug 1202096 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "external",
"summary": "SUSE Bug 1203613 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1203613"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1204183"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "important"
}
],
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-26373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26373"
}
],
"notes": [
{
"category": "general",
"text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26373",
"url": "https://www.suse.com/security/cve/CVE-2022-26373"
},
{
"category": "external",
"summary": "SUSE Bug 1201726 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "external",
"summary": "SUSE Bug 1209619 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1209619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-3028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3028"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3028",
"url": "https://www.suse.com/security/cve/CVE-2022-3028"
},
{
"category": "external",
"summary": "SUSE Bug 1202898 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "external",
"summary": "SUSE Bug 1212296 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1212296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-36879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36879"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36879",
"url": "https://www.suse.com/security/cve/CVE-2022-36879"
},
{
"category": "external",
"summary": "SUSE Bug 1201948 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "external",
"summary": "SUSE Bug 1212327 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1212327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "moderate"
}
],
"title": "CVE-2022-36879"
},
{
"cve": "CVE-2022-39188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39188"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39188",
"url": "https://www.suse.com/security/cve/CVE-2022-39188"
},
{
"category": "external",
"summary": "SUSE Bug 1203107 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "external",
"summary": "SUSE Bug 1203116 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203116"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212326 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1212326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-16T16:46:06Z",
"details": "important"
}
],
"title": "CVE-2022-39188"
}
]
}
suse-su-2023:1973-1
Vulnerability from csaf_suse
Published
2023-04-24 23:34
Modified
2023-04-24 23:34
Summary
Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP5)
Description of the patch
This update for the Linux Kernel 4.12.14-122_121 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
Patchnames
SUSE-2023-1973,SUSE-SLE-Live-Patching-12-SP5-2023-1973
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_121 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1973,SUSE-SLE-Live-Patching-12-SP5-2023-1973",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1973-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1973-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231973-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1973-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-April/028971.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203993",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "self",
"summary": "SUSE Bug 1207822",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "self",
"summary": "SUSE Bug 1208910",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-04-24T23:34:58Z",
"generator": {
"date": "2023-04-24T23:34:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1973-1",
"initial_release_date": "2023-04-24T23:34:58Z",
"revision_history": [
{
"date": "2023-04-24T23:34:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-122_121-default-12-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T23:34:58Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T23:34:58Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-12-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-24T23:34:58Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
}
]
}
wid-sec-w-2024-0794
Vulnerability from csaf_certbund
Published
2024-04-04 22:00
Modified
2024-11-27 23:00
Summary
Dell ECS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell ECS ist ein Objektspeichersystem.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell ECS ist ein Objektspeichersystem.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0794 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0794 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-141 vom 2024-04-04",
"url": "https://www.dell.com/support/kbdoc/000223839/dsa-2024-="
}
],
"source_lang": "en-US",
"title": "Dell ECS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-27T23:00:00.000+00:00",
"generator": {
"date": "2024-11-28T11:39:04.623+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-0794",
"initial_release_date": "2024-04-04T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-27T23:00:00.000+00:00",
"number": "2",
"summary": "Produktzuordnung \u00fcberpr\u00fcft"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.8.1.0",
"product": {
"name": "Dell ECS \u003c3.8.1.0",
"product_id": "T033919"
}
},
{
"category": "product_version",
"name": "3.8.1.0",
"product": {
"name": "Dell ECS 3.8.1.0",
"product_id": "T033919-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.0"
}
}
}
],
"category": "product_name",
"name": "ECS"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-18074",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2018-18074"
},
{
"cve": "CVE-2020-10663",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10663"
},
{
"cve": "CVE-2020-10672",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10672"
},
{
"cve": "CVE-2020-10673",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10673"
},
{
"cve": "CVE-2020-10735",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10735"
},
{
"cve": "CVE-2020-10968",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10968"
},
{
"cve": "CVE-2020-10969",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-10969"
},
{
"cve": "CVE-2020-11111",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11111"
},
{
"cve": "CVE-2020-11112",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11112"
},
{
"cve": "CVE-2020-11113",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11113"
},
{
"cve": "CVE-2020-11612",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11612"
},
{
"cve": "CVE-2020-11619",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11619"
},
{
"cve": "CVE-2020-11620",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11620"
},
{
"cve": "CVE-2020-11979",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-11979"
},
{
"cve": "CVE-2020-12762",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-12762"
},
{
"cve": "CVE-2020-12825",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-12825"
},
{
"cve": "CVE-2020-13956",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2020-14060",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-14060"
},
{
"cve": "CVE-2020-14061",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-14061"
},
{
"cve": "CVE-2020-14062",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-14062"
},
{
"cve": "CVE-2020-14195",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-14195"
},
{
"cve": "CVE-2020-15250",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-15250"
},
{
"cve": "CVE-2020-1945",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-1945"
},
{
"cve": "CVE-2020-1967",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-1967"
},
{
"cve": "CVE-2020-1971",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-1971"
},
{
"cve": "CVE-2020-24616",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-24616"
},
{
"cve": "CVE-2020-24750",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-24750"
},
{
"cve": "CVE-2020-25649",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2020-25658",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-25658"
},
{
"cve": "CVE-2020-26116",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-26116"
},
{
"cve": "CVE-2020-26137",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-26137"
},
{
"cve": "CVE-2020-26541",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-26541"
},
{
"cve": "CVE-2020-27216",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-27216"
},
{
"cve": "CVE-2020-27218",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-27218"
},
{
"cve": "CVE-2020-27223",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-27223"
},
{
"cve": "CVE-2020-28366",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-28366"
},
{
"cve": "CVE-2020-28493",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-28493"
},
{
"cve": "CVE-2020-29509",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-29509"
},
{
"cve": "CVE-2020-29511",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-29511"
},
{
"cve": "CVE-2020-29582",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-29582"
},
{
"cve": "CVE-2020-29651",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-29651"
},
{
"cve": "CVE-2020-35490",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-35490"
},
{
"cve": "CVE-2020-35491",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-35491"
},
{
"cve": "CVE-2020-35728",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-35728"
},
{
"cve": "CVE-2020-36179",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36179"
},
{
"cve": "CVE-2020-36180",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36180"
},
{
"cve": "CVE-2020-36181",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36181"
},
{
"cve": "CVE-2020-36182",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36182"
},
{
"cve": "CVE-2020-36183",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36183"
},
{
"cve": "CVE-2020-36184",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36184"
},
{
"cve": "CVE-2020-36185",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36185"
},
{
"cve": "CVE-2020-36186",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36186"
},
{
"cve": "CVE-2020-36187",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36187"
},
{
"cve": "CVE-2020-36188",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36188"
},
{
"cve": "CVE-2020-36189",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36189"
},
{
"cve": "CVE-2020-36516",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36516"
},
{
"cve": "CVE-2020-36518",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2020-36557",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36557"
},
{
"cve": "CVE-2020-36558",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36558"
},
{
"cve": "CVE-2020-36691",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-36691"
},
{
"cve": "CVE-2020-7238",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-7238"
},
{
"cve": "CVE-2020-8840",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-8840"
},
{
"cve": "CVE-2020-8908",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-8908"
},
{
"cve": "CVE-2020-8911",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-8911"
},
{
"cve": "CVE-2020-8912",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-8912"
},
{
"cve": "CVE-2020-9488",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-9488"
},
{
"cve": "CVE-2020-9493",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-9493"
},
{
"cve": "CVE-2020-9546",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-9546"
},
{
"cve": "CVE-2020-9547",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-9547"
},
{
"cve": "CVE-2020-9548",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2020-9548"
},
{
"cve": "CVE-2021-20190",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-20190"
},
{
"cve": "CVE-2021-20323",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-20323"
},
{
"cve": "CVE-2021-21290",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-21290"
},
{
"cve": "CVE-2021-21295",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-21295"
},
{
"cve": "CVE-2021-21409",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-21409"
},
{
"cve": "CVE-2021-23840",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-23840"
},
{
"cve": "CVE-2021-23841",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-23841"
},
{
"cve": "CVE-2021-2471",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-2471"
},
{
"cve": "CVE-2021-25642",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-25642"
},
{
"cve": "CVE-2021-26341",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-26341"
},
{
"cve": "CVE-2021-27918",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-27918"
},
{
"cve": "CVE-2021-28153",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-28153"
},
{
"cve": "CVE-2021-28165",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-28165"
},
{
"cve": "CVE-2021-28169",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-28169"
},
{
"cve": "CVE-2021-28861",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-28861"
},
{
"cve": "CVE-2021-29425",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-30560",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-30560"
},
{
"cve": "CVE-2021-3114",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3114"
},
{
"cve": "CVE-2021-33036",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33036"
},
{
"cve": "CVE-2021-33194",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33194"
},
{
"cve": "CVE-2021-33195",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33195"
},
{
"cve": "CVE-2021-33196",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33196"
},
{
"cve": "CVE-2021-33197",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33197"
},
{
"cve": "CVE-2021-33503",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33503"
},
{
"cve": "CVE-2021-33655",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33655"
},
{
"cve": "CVE-2021-33656",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-33656"
},
{
"cve": "CVE-2021-3424",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3424"
},
{
"cve": "CVE-2021-34428",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-34428"
},
{
"cve": "CVE-2021-3449",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3449"
},
{
"cve": "CVE-2021-3450",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3450"
},
{
"cve": "CVE-2021-3530",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3530"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-36373",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-36373"
},
{
"cve": "CVE-2021-36374",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-36374"
},
{
"cve": "CVE-2021-3648",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3648"
},
{
"cve": "CVE-2021-36690",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-36690"
},
{
"cve": "CVE-2021-3711",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-3712",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3712"
},
{
"cve": "CVE-2021-37136",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-37136"
},
{
"cve": "CVE-2021-37137",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2021-37404",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-37404"
},
{
"cve": "CVE-2021-37533",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2021-3754",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3754"
},
{
"cve": "CVE-2021-3778",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3778"
},
{
"cve": "CVE-2021-3796",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3796"
},
{
"cve": "CVE-2021-3826",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3826"
},
{
"cve": "CVE-2021-3827",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3827"
},
{
"cve": "CVE-2021-38297",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-38297"
},
{
"cve": "CVE-2021-3872",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3872"
},
{
"cve": "CVE-2021-3875",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3875"
},
{
"cve": "CVE-2021-3903",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3903"
},
{
"cve": "CVE-2021-3923",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3923"
},
{
"cve": "CVE-2021-3927",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3927"
},
{
"cve": "CVE-2021-3928",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3928"
},
{
"cve": "CVE-2021-3968",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3968"
},
{
"cve": "CVE-2021-3973",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3973"
},
{
"cve": "CVE-2021-3974",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3974"
},
{
"cve": "CVE-2021-3984",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-3984"
},
{
"cve": "CVE-2021-4019",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4019"
},
{
"cve": "CVE-2021-4037",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4037"
},
{
"cve": "CVE-2021-4069",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4069"
},
{
"cve": "CVE-2021-4104",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4104"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-4157",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4157"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-41771",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4203",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2021-42567",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-42567"
},
{
"cve": "CVE-2021-43797",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-44531",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-44531"
},
{
"cve": "CVE-2021-44532",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-44532"
},
{
"cve": "CVE-2021-44533",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-44533"
},
{
"cve": "CVE-2021-44716",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44878",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-44878"
},
{
"cve": "CVE-2021-45078",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-45078"
},
{
"cve": "CVE-2021-46195",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-46195"
},
{
"cve": "CVE-2021-46828",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-46828"
},
{
"cve": "CVE-2021-46848",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2021-46848"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2022-0213",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0213"
},
{
"cve": "CVE-2022-0225",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0225"
},
{
"cve": "CVE-2022-0261",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0261"
},
{
"cve": "CVE-2022-0318",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0318"
},
{
"cve": "CVE-2022-0319",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0319"
},
{
"cve": "CVE-2022-0351",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0351"
},
{
"cve": "CVE-2022-0359",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0359"
},
{
"cve": "CVE-2022-0361",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0361"
},
{
"cve": "CVE-2022-0392",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0392"
},
{
"cve": "CVE-2022-0407",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0407"
},
{
"cve": "CVE-2022-0413",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0413"
},
{
"cve": "CVE-2022-0561",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0561"
},
{
"cve": "CVE-2022-0696",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-1184",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1184"
},
{
"cve": "CVE-2022-1245",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1245"
},
{
"cve": "CVE-2022-1271",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1292",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1292"
},
{
"cve": "CVE-2022-1381",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1381"
},
{
"cve": "CVE-2022-1420",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1420"
},
{
"cve": "CVE-2022-1462",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1462"
},
{
"cve": "CVE-2022-1466",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1466"
},
{
"cve": "CVE-2022-1471",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-1586",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1586"
},
{
"cve": "CVE-2022-1587",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1587"
},
{
"cve": "CVE-2022-1616",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1616"
},
{
"cve": "CVE-2022-1619",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1619"
},
{
"cve": "CVE-2022-1620",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1620"
},
{
"cve": "CVE-2022-1679",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-1705",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-1720",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1720"
},
{
"cve": "CVE-2022-1729",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1729"
},
{
"cve": "CVE-2022-1733",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1733"
},
{
"cve": "CVE-2022-1735",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1735"
},
{
"cve": "CVE-2022-1771",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1771"
},
{
"cve": "CVE-2022-1785",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1785"
},
{
"cve": "CVE-2022-1796",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1796"
},
{
"cve": "CVE-2022-1851",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1851"
},
{
"cve": "CVE-2022-1897",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1897"
},
{
"cve": "CVE-2022-1898",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1898"
},
{
"cve": "CVE-2022-1927",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1927"
},
{
"cve": "CVE-2022-1962",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-1968",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1968"
},
{
"cve": "CVE-2022-1974",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1974"
},
{
"cve": "CVE-2022-1975",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-1975"
},
{
"cve": "CVE-2022-20132",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20132"
},
{
"cve": "CVE-2022-20141",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20141"
},
{
"cve": "CVE-2022-20154",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20154"
},
{
"cve": "CVE-2022-20166",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20166"
},
{
"cve": "CVE-2022-20368",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-20369",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20369"
},
{
"cve": "CVE-2022-2047",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2047"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2022-20567",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-20567"
},
{
"cve": "CVE-2022-2068",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-2097",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-21216",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21216"
},
{
"cve": "CVE-2022-21233",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21233"
},
{
"cve": "CVE-2022-2124",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2124"
},
{
"cve": "CVE-2022-2125",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2125"
},
{
"cve": "CVE-2022-2126",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2126"
},
{
"cve": "CVE-2022-2129",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2129"
},
{
"cve": "CVE-2022-21363",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21363"
},
{
"cve": "CVE-2022-21385",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21385"
},
{
"cve": "CVE-2022-21499",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21499"
},
{
"cve": "CVE-2022-2153",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2153"
},
{
"cve": "CVE-2022-21540",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-21549",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21549"
},
{
"cve": "CVE-2022-21618",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21618"
},
{
"cve": "CVE-2022-21619",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21619"
},
{
"cve": "CVE-2022-21624",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21624"
},
{
"cve": "CVE-2022-21626",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21626"
},
{
"cve": "CVE-2022-21628",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21628"
},
{
"cve": "CVE-2022-21702",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-21702"
},
{
"cve": "CVE-2022-2175",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2175"
},
{
"cve": "CVE-2022-2182",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2182"
},
{
"cve": "CVE-2022-2183",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2183"
},
{
"cve": "CVE-2022-2206",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2206"
},
{
"cve": "CVE-2022-2207",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2207"
},
{
"cve": "CVE-2022-2208",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2208"
},
{
"cve": "CVE-2022-2210",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2210"
},
{
"cve": "CVE-2022-2231",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2231"
},
{
"cve": "CVE-2022-2256",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2256"
},
{
"cve": "CVE-2022-2257",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2257"
},
{
"cve": "CVE-2022-2264",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2264"
},
{
"cve": "CVE-2022-2284",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2284"
},
{
"cve": "CVE-2022-2285",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2285"
},
{
"cve": "CVE-2022-2286",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2286"
},
{
"cve": "CVE-2022-2287",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2287"
},
{
"cve": "CVE-2022-22976",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-22976"
},
{
"cve": "CVE-2022-22978",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-2304",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2304"
},
{
"cve": "CVE-2022-2318",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2318"
},
{
"cve": "CVE-2022-23302",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23302"
},
{
"cve": "CVE-2022-23305",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23305"
},
{
"cve": "CVE-2022-23307",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23307"
},
{
"cve": "CVE-2022-2343",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2343"
},
{
"cve": "CVE-2022-2344",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2344"
},
{
"cve": "CVE-2022-2345",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2345"
},
{
"cve": "CVE-2022-23471",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23471"
},
{
"cve": "CVE-2022-23521",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23521"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-24302",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-24302"
},
{
"cve": "CVE-2022-24329",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-24329"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-24903",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-24903"
},
{
"cve": "CVE-2022-2503",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2503"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-25168",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-25168"
},
{
"cve": "CVE-2022-2519",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2519"
},
{
"cve": "CVE-2022-2520",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2520"
},
{
"cve": "CVE-2022-2521",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2521"
},
{
"cve": "CVE-2022-2522",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2522"
},
{
"cve": "CVE-2022-25647",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-25647"
},
{
"cve": "CVE-2022-2571",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2571"
},
{
"cve": "CVE-2022-2580",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2580"
},
{
"cve": "CVE-2022-2581",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2581"
},
{
"cve": "CVE-2022-25857",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-25857"
},
{
"cve": "CVE-2022-2588",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-2598",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2598"
},
{
"cve": "CVE-2022-26148",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-26148"
},
{
"cve": "CVE-2022-26365",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-26365"
},
{
"cve": "CVE-2022-26373",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2639",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2639"
},
{
"cve": "CVE-2022-26612",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-26612"
},
{
"cve": "CVE-2022-2663",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2663"
},
{
"cve": "CVE-2022-27781",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-27943",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-27943"
},
{
"cve": "CVE-2022-2795",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2795"
},
{
"cve": "CVE-2022-28131",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-2816",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2816"
},
{
"cve": "CVE-2022-2817",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2817"
},
{
"cve": "CVE-2022-2819",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2819"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-2845",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2845"
},
{
"cve": "CVE-2022-2849",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2849"
},
{
"cve": "CVE-2022-2862",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2862"
},
{
"cve": "CVE-2022-2867",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2867"
},
{
"cve": "CVE-2022-2868",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2868"
},
{
"cve": "CVE-2022-2869",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2869"
},
{
"cve": "CVE-2022-28693",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-28693"
},
{
"cve": "CVE-2022-2874",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2874"
},
{
"cve": "CVE-2022-28748",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-28748"
},
{
"cve": "CVE-2022-2880",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-2889",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2889"
},
{
"cve": "CVE-2022-29162",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29162"
},
{
"cve": "CVE-2022-29187",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29187"
},
{
"cve": "CVE-2022-2923",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2923"
},
{
"cve": "CVE-2022-2946",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2946"
},
{
"cve": "CVE-2022-29526",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-29583",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29583"
},
{
"cve": "CVE-2022-2964",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-2977",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2977"
},
{
"cve": "CVE-2022-2980",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2980"
},
{
"cve": "CVE-2022-2982",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2982"
},
{
"cve": "CVE-2022-29900",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29900"
},
{
"cve": "CVE-2022-29901",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-29901"
},
{
"cve": "CVE-2022-2991",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-3016",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3016"
},
{
"cve": "CVE-2022-3028",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-3037",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3037"
},
{
"cve": "CVE-2022-30580",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-30630",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-30630"
},
{
"cve": "CVE-2022-30631",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30632",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-30632"
},
{
"cve": "CVE-2022-30633",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-3099",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3099"
},
{
"cve": "CVE-2022-31030",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-31030"
},
{
"cve": "CVE-2022-31159",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-31159"
},
{
"cve": "CVE-2022-3134",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3134"
},
{
"cve": "CVE-2022-3153",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3153"
},
{
"cve": "CVE-2022-3169",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3169"
},
{
"cve": "CVE-2022-31690",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-31690"
},
{
"cve": "CVE-2022-32148",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-32148"
},
{
"cve": "CVE-2022-32149",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-32206",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32208",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-3234",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3234"
},
{
"cve": "CVE-2022-3235",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3235"
},
{
"cve": "CVE-2022-3239",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3239"
},
{
"cve": "CVE-2022-3278",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3278"
},
{
"cve": "CVE-2022-3296",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3296"
},
{
"cve": "CVE-2022-3297",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3297"
},
{
"cve": "CVE-2022-33196",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33196"
},
{
"cve": "CVE-2022-3324",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3324"
},
{
"cve": "CVE-2022-3352",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3352"
},
{
"cve": "CVE-2022-33740",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33740"
},
{
"cve": "CVE-2022-33741",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33741"
},
{
"cve": "CVE-2022-33742",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33742"
},
{
"cve": "CVE-2022-33972",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33972"
},
{
"cve": "CVE-2022-33981",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-33981"
},
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-3424",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3424"
},
{
"cve": "CVE-2022-34266",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-34266"
},
{
"cve": "CVE-2022-34526",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-34526"
},
{
"cve": "CVE-2022-34903",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-34903"
},
{
"cve": "CVE-2022-3491",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3491"
},
{
"cve": "CVE-2022-3515",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3515"
},
{
"cve": "CVE-2022-3520",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3520"
},
{
"cve": "CVE-2022-3521",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3521"
},
{
"cve": "CVE-2022-3524",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3524"
},
{
"cve": "CVE-2022-35252",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-3542",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3542"
},
{
"cve": "CVE-2022-3545",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-3565",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3565"
},
{
"cve": "CVE-2022-3566",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3566"
},
{
"cve": "CVE-2022-3567",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3567"
},
{
"cve": "CVE-2022-35737",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-35737"
},
{
"cve": "CVE-2022-3586",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-3591",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3591"
},
{
"cve": "CVE-2022-3594",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3594"
},
{
"cve": "CVE-2022-3597",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3597"
},
{
"cve": "CVE-2022-3599",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3599"
},
{
"cve": "CVE-2022-36109",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36109"
},
{
"cve": "CVE-2022-3621",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3621"
},
{
"cve": "CVE-2022-3626",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3626"
},
{
"cve": "CVE-2022-3627",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3627"
},
{
"cve": "CVE-2022-3628",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3628"
},
{
"cve": "CVE-2022-36280",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-3629",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3629"
},
{
"cve": "CVE-2022-3635",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3635"
},
{
"cve": "CVE-2022-3643",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-36437",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36437"
},
{
"cve": "CVE-2022-3646",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3646"
},
{
"cve": "CVE-2022-3649",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3649"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2022-36879",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36879"
},
{
"cve": "CVE-2022-36946",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-36946"
},
{
"cve": "CVE-2022-3705",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3705"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-37436",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-37436"
},
{
"cve": "CVE-2022-37865",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-37865"
},
{
"cve": "CVE-2022-37866",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-37866"
},
{
"cve": "CVE-2022-38090",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38090"
},
{
"cve": "CVE-2022-38096",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-38126",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38126"
},
{
"cve": "CVE-2022-38127",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38127"
},
{
"cve": "CVE-2022-38177",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38177"
},
{
"cve": "CVE-2022-38178",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38178"
},
{
"cve": "CVE-2022-3821",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3821"
},
{
"cve": "CVE-2022-38533",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38533"
},
{
"cve": "CVE-2022-38749",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38749"
},
{
"cve": "CVE-2022-38750",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38750"
},
{
"cve": "CVE-2022-38751",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38751"
},
{
"cve": "CVE-2022-38752",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-38752"
},
{
"cve": "CVE-2022-39028",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-39028"
},
{
"cve": "CVE-2022-3903",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3903"
},
{
"cve": "CVE-2022-39188",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-39188"
},
{
"cve": "CVE-2022-39399",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-39399"
},
{
"cve": "CVE-2022-3970",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-3970"
},
{
"cve": "CVE-2022-40149",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40149"
},
{
"cve": "CVE-2022-40150",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2022-40151",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40151"
},
{
"cve": "CVE-2022-40152",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-40153",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40153"
},
{
"cve": "CVE-2022-40303",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-40307",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40307"
},
{
"cve": "CVE-2022-40674",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40674"
},
{
"cve": "CVE-2022-40768",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40768"
},
{
"cve": "CVE-2022-40899",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-40899"
},
{
"cve": "CVE-2022-4095",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4095"
},
{
"cve": "CVE-2022-41218",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4129",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2022-4141",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4141"
},
{
"cve": "CVE-2022-41717",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41721",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41721"
},
{
"cve": "CVE-2022-41848",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41848"
},
{
"cve": "CVE-2022-41850",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41850"
},
{
"cve": "CVE-2022-41854",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41854"
},
{
"cve": "CVE-2022-41858",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41858"
},
{
"cve": "CVE-2022-41881",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-41903",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41903"
},
{
"cve": "CVE-2022-41915",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41915"
},
{
"cve": "CVE-2022-41966",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41966"
},
{
"cve": "CVE-2022-41974",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-41974"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-42010",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42010"
},
{
"cve": "CVE-2022-42011",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42011"
},
{
"cve": "CVE-2022-42012",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42012"
},
{
"cve": "CVE-2022-42328",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42328"
},
{
"cve": "CVE-2022-42329",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42329"
},
{
"cve": "CVE-2022-42703",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42703"
},
{
"cve": "CVE-2022-42889",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42889"
},
{
"cve": "CVE-2022-42895",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42895"
},
{
"cve": "CVE-2022-42896",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42896"
},
{
"cve": "CVE-2022-42898",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42898"
},
{
"cve": "CVE-2022-4292",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4292"
},
{
"cve": "CVE-2022-4293",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4293"
},
{
"cve": "CVE-2022-42969",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-42969"
},
{
"cve": "CVE-2022-4304",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-43552",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-43680",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-43680"
},
{
"cve": "CVE-2022-43750",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-43750"
},
{
"cve": "CVE-2022-4378",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-43995",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-43995"
},
{
"cve": "CVE-2022-4415",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4415"
},
{
"cve": "CVE-2022-4450",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-44638",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-44638"
},
{
"cve": "CVE-2022-45061",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45061"
},
{
"cve": "CVE-2022-45688",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45688"
},
{
"cve": "CVE-2022-45884",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45884"
},
{
"cve": "CVE-2022-45885",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45885"
},
{
"cve": "CVE-2022-45886",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2022-45934",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45934"
},
{
"cve": "CVE-2022-45939",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-45939"
},
{
"cve": "CVE-2022-4662",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-46751",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-46751"
},
{
"cve": "CVE-2022-46908",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-46908"
},
{
"cve": "CVE-2022-47629",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-47629"
},
{
"cve": "CVE-2022-47929",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-47929"
},
{
"cve": "CVE-2022-48281",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-48281"
},
{
"cve": "CVE-2022-48337",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-48337"
},
{
"cve": "CVE-2022-48339",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2022-48339"
},
{
"cve": "CVE-2023-0045",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0049",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0049"
},
{
"cve": "CVE-2023-0051",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0051"
},
{
"cve": "CVE-2023-0054",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0054"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0288",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0288"
},
{
"cve": "CVE-2023-0433",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0433"
},
{
"cve": "CVE-2023-0464",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-0512",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0512"
},
{
"cve": "CVE-2023-0590",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-0597",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0597"
},
{
"cve": "CVE-2023-0833",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-0833"
},
{
"cve": "CVE-2023-1076",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1076"
},
{
"cve": "CVE-2023-1095",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1095"
},
{
"cve": "CVE-2023-1118",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1118"
},
{
"cve": "CVE-2023-1127",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1127"
},
{
"cve": "CVE-2023-1170",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1170"
},
{
"cve": "CVE-2023-1175",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1175"
},
{
"cve": "CVE-2023-1370",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2023-1380",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-1390",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1390"
},
{
"cve": "CVE-2023-1436",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1436"
},
{
"cve": "CVE-2023-1513",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1513"
},
{
"cve": "CVE-2023-1611",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1611"
},
{
"cve": "CVE-2023-1670",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1670"
},
{
"cve": "CVE-2023-1855",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1855"
},
{
"cve": "CVE-2023-1989",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1989"
},
{
"cve": "CVE-2023-1990",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1990"
},
{
"cve": "CVE-2023-1998",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-1998"
},
{
"cve": "CVE-2023-20862",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-20862"
},
{
"cve": "CVE-2023-2124",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2162",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2162"
},
{
"cve": "CVE-2023-2176",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2176"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21835",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21835"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-2194",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-21954",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-22490",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-22490"
},
{
"cve": "CVE-2023-2253",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2253"
},
{
"cve": "CVE-2023-22809",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-22809"
},
{
"cve": "CVE-2023-23454",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-23454"
},
{
"cve": "CVE-2023-23455",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-23455"
},
{
"cve": "CVE-2023-23559",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-23916",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23946",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-23946"
},
{
"cve": "CVE-2023-24329",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-24532",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-24532"
},
{
"cve": "CVE-2023-24534",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-24534"
},
{
"cve": "CVE-2023-2483",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2483"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-2513",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2513"
},
{
"cve": "CVE-2023-25193",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-25193"
},
{
"cve": "CVE-2023-25652",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-25652"
},
{
"cve": "CVE-2023-25690",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-25809",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-25809"
},
{
"cve": "CVE-2023-25815",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-25815"
},
{
"cve": "CVE-2023-26048",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-26048"
},
{
"cve": "CVE-2023-26049",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-26049"
},
{
"cve": "CVE-2023-2650",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-26545",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-26545"
},
{
"cve": "CVE-2023-26604",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-26604"
},
{
"cve": "CVE-2023-27533",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27538",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-27561",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-27561"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28320",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-28328",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28328"
},
{
"cve": "CVE-2023-28464",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28464"
},
{
"cve": "CVE-2023-28486",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28486"
},
{
"cve": "CVE-2023-28487",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28487"
},
{
"cve": "CVE-2023-28642",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28642"
},
{
"cve": "CVE-2023-28772",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28772"
},
{
"cve": "CVE-2023-28840",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28840"
},
{
"cve": "CVE-2023-28841",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28841"
},
{
"cve": "CVE-2023-28842",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-28842"
},
{
"cve": "CVE-2023-29007",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-29007"
},
{
"cve": "CVE-2023-29383",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-29383"
},
{
"cve": "CVE-2023-29402",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-29402"
},
{
"cve": "CVE-2023-29406",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-29406"
},
{
"cve": "CVE-2023-29409",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-29409"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-30630",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-30630"
},
{
"cve": "CVE-2023-30772",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-30772"
},
{
"cve": "CVE-2023-31084",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-31084"
},
{
"cve": "CVE-2023-3138",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-3138"
},
{
"cve": "CVE-2023-31436",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-31436"
},
{
"cve": "CVE-2023-31484",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-31484"
},
{
"cve": "CVE-2023-32269",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-32269"
},
{
"cve": "CVE-2023-32697",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-32697"
},
{
"cve": "CVE-2023-33264",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-33264"
},
{
"cve": "CVE-2023-34034",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34034"
},
{
"cve": "CVE-2023-34035",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34035"
},
{
"cve": "CVE-2023-34453",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34453"
},
{
"cve": "CVE-2023-34454",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34454"
},
{
"cve": "CVE-2023-34455",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34455"
},
{
"cve": "CVE-2023-34462",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-34462"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-36479",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-36479"
},
{
"cve": "CVE-2023-39533",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-39533"
},
{
"cve": "CVE-2023-40167",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-40167"
},
{
"cve": "CVE-2023-40217",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-40217"
},
{
"cve": "CVE-2023-41105",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-41105"
},
{
"cve": "CVE-2023-41900",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-41900"
},
{
"cve": "CVE-2023-43642",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-43642"
},
{
"cve": "CVE-2023-43804",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-43804"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45803",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2023-45803"
},
{
"cve": "CVE-2024-21626",
"notes": [
{
"category": "description",
"text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033919"
]
},
"release_date": "2024-04-04T22:00:00.000+00:00",
"title": "CVE-2024-21626"
}
]
}
wid-sec-w-2022-1196
Vulnerability from csaf_certbund
Published
2022-08-25 22:00
Modified
2025-05-29 22:00
Summary
Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1196 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1196.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1196 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1196"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2022-08-25",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:3263-1 vom 2022-09-15",
"url": "http://www.auscert.org.au/bulletins/ESB-2022.4574"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:3294-1 vom 2022-09-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012274.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0634-1 vom 2023-03-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013982.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0768-1 vom 2023-03-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014072.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0852-1 vom 2023-03-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014114.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6001-1 vom 2023-04-06",
"url": "https://ubuntu.com/security/notices/USN-6001-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1971-1 vom 2023-04-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014564.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1983-1 vom 2023-04-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014573.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1973-1 vom 2023-04-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014569.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2007-1 vom 2023-04-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014581.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2023-1 vom 2023-04-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014587.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0834-1 vom 2025-03-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020497.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-213 vom 2025-05-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000326299/dsa-2025-213-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-multiple-third-party-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2025-05-29T22:00:00.000+00:00",
"generator": {
"date": "2025-05-30T10:55:28.749+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-1196",
"initial_release_date": "2022-08-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-08-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-09-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-03-07T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-03-16T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-03-21T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-05T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-26T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-11T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "12"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "6368",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2991",
"product_status": {
"known_affected": [
"T002207",
"6368",
"T000126",
"T034583",
"T039664"
]
},
"release_date": "2022-08-25T22:00:00.000+00:00",
"title": "CVE-2022-2991"
}
]
}
fkie_cve-2022-2991
Vulnerability from fkie_nvd
Published
2022-08-25 18:15
Modified
2024-11-21 07:02
Severity ?
Summary
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114&id=549209caabc89f2877ad5f62d11fca5c052e0e8 | Mailing List, Patch, Vendor Advisory | |
| secalert@redhat.com | https://www.zerodayinitiative.com/advisories/ZDI-22-960/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114&id=549209caabc89f2877ad5f62d11fca5c052e0e8 | Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-960/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "037A6DFB-B41D-4CC7-86C1-A201809B79C4",
"versionEndExcluding": "5.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el subsistema LightNVM del kernel de Linux. El problema es debido a la falta de comprobaci\u00f3n apropiada de la longitud de los datos suministrados por el usuario antes de copiarlos en un b\u00fafer de longitud fija en la regi\u00f3n heap de la memoria. Esta vulnerabilidad permite a un atacante local escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto del kernel. El atacante debe obtener primero la capacidad de ejecutar c\u00f3digo con altos privilegios en el sistema objetivo para explotar esta vulnerabilidad."
}
],
"id": "CVE-2022-2991",
"lastModified": "2024-11-21T07:02:02.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T18:15:10.363",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2022-2991
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-2991",
"description": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"id": "GSD-2022-2991",
"references": [
"https://www.suse.com/security/cve/CVE-2022-2991.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-2991"
],
"details": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"id": "GSD-2022-2991",
"modified": "2023-12-13T01:19:19.636729Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "Fixed in kernel 5.15-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.15",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2991"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-08-30T20:31Z",
"publishedDate": "2022-08-25T18:15Z"
}
}
}
ghsa-9fpj-jhm5-p6h9
Vulnerability from github
Published
2022-08-26 00:03
Modified
2022-08-31 00:00
Severity ?
VLAI Severity ?
Details
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-2991"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-25T18:15:00Z",
"severity": "MODERATE"
},
"details": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"id": "GHSA-9fpj-jhm5-p6h9",
"modified": "2022-08-31T00:00:20Z",
"published": "2022-08-26T00:03:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2991"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114\u0026id=549209caabc89f2877ad5f62d11fca5c052e0e8"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-960"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…