opensuse-su-2019:2392-1
Vulnerability from csaf_opensuse
Published
2019-10-27 18:35
Modified
2019-10-27 18:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound check, leading to a buffer overflow (bnc#1154372).
- CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465).
- CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452).
- CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158).
- CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788).
The following non-security bugs were fixed:
- 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
- ACPI / CPPC: do not require the _PSD method (bsc#1051510).
- ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).
- ACPI / processor: do not print errors for processorIDs == 0xff (bsc#1051510).
- act_mirred: Fix mirred_init_module error handling (bsc#1051510).
- Add kernel module compression support (bsc#1135854)
For enabling the kernel module compress, add the item COMPRESS_MODULES='xz' in config.sh, then mkspec will pass it to the spec file.
- ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
- ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).
- ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).
- ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).
- ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
- ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).
- ALSA: hda: Flush interrupts on disabling (bsc#1051510).
- ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).
- ALSA: hda - Inform too slow responses (bsc#1051510).
- ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).
- ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).
- ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).
- ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).
- ALSA: hda: Set fifo_size for both playback and capture streams (bsc#1051510).
- ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
- ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510).
- ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510).
- ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
- ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
- ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
- ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).
- appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).
- ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510).
- ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
- ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).
- ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).
- auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).
- ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- blacklist 'signal: Correct namespace fixups of si_pid and si_uid' (bsc#1142667)
- blk-wbt: abstract out end IO completion handler (bsc#1135873).
- blk-wbt: fix has-sleeper queueing check (bsc#1135873).
- blk-wbt: improve waking of tasks (bsc#1135873).
- blk-wbt: move disable check into get_limit() (bsc#1135873).
- blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
- block: add io timeout to sysfs (bsc#1148410).
- block: do not show io_timeout if driver has no timeout handler (bsc#1148410).
- bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).
- bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
- bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
- btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
- btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).
- btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).
- btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).
- btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).
- can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510).
- can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510).
- cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15).
- cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
- ceph: fix directories inode i_blkbits initialization (bsc#1153717).
- ceph: reconnect connection if session hang in opening state (bsc#1153718).
- ceph: update the mtime when truncating up (bsc#1153719).
- cfg80211: add and use strongly typed element iteration macros (bsc#1051510).
- cfg80211: Purge frame registrations on iftype change (bsc#1051510).
- clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510).
- clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
- clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
- clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510).
- crypto: talitos - fix missing break in switch statement (bsc#1142635).
- cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129).
- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129).
- cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513).
- cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).
- cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
- dasd_fba: Display '00000000' for zero page when dumping sense
- /dev/mem: Bail out upon SIGKILL (git-fixes).
- drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
- drm/amdgpu/si: fix ASIC tests (git-fixes).
- drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
- drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
- drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
- drm: Flush output polling on shutdown (bsc#1051510).
- drm/msm/dsi: Implement reset correctly (bsc#1051510).
- drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
- drm/radeon: Fix EEH during kexec (bsc#1051510).
- drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510).
- drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
- e1000e: add workaround for possible stalled packet (bsc#1051510).
- firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes).
- Fix AMD IOMMU kABI (bsc#1154610).
- Fix KVM kABI after x86 mmu backports (bsc#1117665).
- gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bsc#1051510).
- HID: apple: Fix stuck function keys when using FN (bsc#1051510).
- HID: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
- HID: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510).
- HID: prodikeys: Fix general protection fault during probe (bsc#1051510).
- HID: sony: Fix memory corruption issue on cleanup (bsc#1051510).
- hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510).
- hwrng: core - do not wait on add_early_randomness() (git-fixes).
- i2c: riic: Clear NACK in tend isr (bsc#1051510).
- IB/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
- IB/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
- IB/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
- IB/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
- IB/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
- ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
- ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- iio: adc: ad799x: fix probe error handling (bsc#1051510).
- iio: light: opt3001: fix mutex unlock race (bsc#1051510).
- ima: always return negative code for error (bsc#1051510).
- Input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
- iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799).
- iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
- iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
- iommu/amd: Remove domain->updated (bsc#1154610).
- iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611).
- ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510).
- ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' (networking-stable-19_09_15).
- ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674).
- ixgbe: sync the first fragment unconditionally (bsc#1133140).
- kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).
- kabi/severities: Whitelist functions internal to radix mm. To call these functions you have to first detect if you are running in radix mm mode which can't be expected of OOT code.
- kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
- kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578).
- kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).
- kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case.
- kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875).
- kvm: Convert kvm_lock to a mutex (bsc#1117665).
- kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).
- kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840).
- kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665).
- kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
- kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
- kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
- kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665).
- kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
- libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
- lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
- mac80211: accept deauth frames in IBSS mode (bsc#1051510).
- macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
- media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
- media: cpia2_usb: fix memory leaks (bsc#1051510).
- media: dvb-core: fix a memory leak bug (bsc#1051510).
- media: exynos4-is: fix leaked of_node references (bsc#1051510).
- media: gspca: zero usb_buf on error (bsc#1051510).
- media: hdpvr: Add device num check and handling (bsc#1051510).
- media: hdpvr: add terminating 0 at end of string (bsc#1051510).
- media: i2c: ov5645: Fix power sequence (bsc#1051510).
- media: iguanair: add sanity checks (bsc#1051510).
- media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510).
- media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
- media: ov9650: add a sanity check (bsc#1051510).
- media: radio/si470x: kill urb on error (bsc#1051510).
- media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).
- media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
- media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
- media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
- media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
- memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#1051510).
- mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
- mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
- mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
- mmc: sdhci: improve ADMA error reporting (bsc#1051510).
- mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
- net: Fix null de-reference of device refcount (networking-stable-19_09_15).
- net: fix skb use after free in netpoll (networking-stable-19_09_05).
- net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15).
- net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).
- net/mlx4_en: fix a memory leak bug (bsc#1046299).
- net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
- net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
- net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).
- net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05).
- nfc: fix attrs checks in netlink interface (bsc#1051510).
- nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
- nfc: pn533: fix use-after-free and memleaks (bsc#1051510).
- objtool: Clobber user CFLAGS variable (bsc#1153236).
- PCI: Correct pci=resource_alignment parameter example (bsc#1051510).
- PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
- PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#1153263).
- PCI: PM: Fix pci_power_up() (bsc#1051510).
- pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
- platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
- platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510).
- powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186).
- powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186).
- powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
- powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).
- powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
- powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
- powerpc/mm: Properly invalidate when setting process table base (bsc#1055186).
- powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186).
- powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186).
- powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778).
- powerpc/pseries: Remove confusing warning message (bsc#1109158).
- powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778).
- power: supply: sysfs: ratelimit property read error message (bsc#1051510).
- Pull packaging cleanup from mkubecek.
- qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545).
- qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
- qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).
- qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#1050536 bsc#1050545).
- RDMA/bnxt_re: Fix spelling mistake 'missin_resp' -> 'missing_resp' (bsc#1050244).
- RDMA: Fix goto target to release the allocated memory (bsc#1050244).
- rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
- sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15).
- scripts/arch-symbols: add missing link.
- scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845).
- scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883).
- scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
- scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291).
- scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729).
- sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (networking-stable-19_09_15).
- sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15).
- Sign non-x86 kernels when possible (boo#1134303)
- sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
- sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791).
- staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
- tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
- tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).
- tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
- tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05).
- thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510).
- thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
- tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15).
- tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508).
- tun: fix use-after-free when register netdev failed (networking-stable-19_09_15).
- tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
- Update patches.suse/NFSv4-Check-the-return-value-of-update_open_stateid.patch (boo#1154189 bsc#1154747).
- usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).
- usb: adutux: fix use-after-free on disconnect (bsc#1142635).
- usb: adutux: fix use-after-free on release (bsc#1051510).
- usb: chaoskey: fix use-after-free on release (bsc#1051510).
- usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
- usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
- usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).
- usb: iowarrior: fix use-after-free on release (bsc#1051510).
- usb: legousbtower: fix deadlock on disconnect (bsc#1142635).
- usb: legousbtower: fix open after failed reset request (bsc#1142635).
- usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
- usb: legousbtower: fix slab info leak at probe (bsc#1142635).
- usb: legousbtower: fix use-after-free on release (bsc#1051510).
- usb: microtek: fix info-leak at probe (bsc#1142635).
- usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
- usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
- usb: serial: fix runtime PM after driver unbind (bsc#1051510).
- usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510).
- usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
- usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
- usb: serial: option: add Telit FN980 compositions (bsc#1051510).
- usb: usblcd: fix I/O after disconnect (bsc#1142635).
- usb: usblp: fix runtime PM after driver unbind (bsc#1051510).
- usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
- usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
- usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
- usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510).
- usb: yurex: Do not retry on unexpected errors (bsc#1051510).
- usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).
- vfio_pci: Restore original state on release (bsc#1051510).
- vhost_net: conditionally enable tx polling (bsc#1145099).
- video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510).
- watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510).
- x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
- x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
- xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
- xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
- xhci: Check all endpoints for LPM timeout (bsc#1051510).
- xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510).
- xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
- xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).
Patchnames
openSUSE-2019-2392
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound check, leading to a buffer overflow (bnc#1154372).\n- CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465).\n- CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452).\n- CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158).\n- CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nThe following non-security bugs were fixed:\n\n- 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).\n- ACPI / CPPC: do not require the _PSD method (bsc#1051510).\n- ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).\n- ACPI / processor: do not print errors for processorIDs == 0xff (bsc#1051510).\n- act_mirred: Fix mirred_init_module error handling (bsc#1051510).\n- Add kernel module compression support (bsc#1135854)\n For enabling the kernel module compress, add the item COMPRESS_MODULES=\u0027xz\u0027 in config.sh, then mkspec will pass it to the spec file.\n- ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).\n- ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).\n- ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).\n- ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).\n- ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).\n- ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).\n- ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n- ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).\n- ALSA: hda - Inform too slow responses (bsc#1051510).\n- ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).\n- ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).\n- ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).\n- ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).\n- ALSA: hda: Set fifo_size for both playback and capture streams (bsc#1051510).\n- ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).\n- ALSA: hda/sigmatel - remove unused variable \u0027stac9200_core_init\u0027 (bsc#1051510).\n- ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510).\n- ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).\n- ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).\n- ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).\n- ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).\n- appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n- ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).\n- ASoC: dmaengine: Make the pcm-\u003ename equal to pcm-\u003eid if the name is not set (bsc#1051510).\n- ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).\n- ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).\n- ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).\n- auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).\n- ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n- blacklist \u0027signal: Correct namespace fixups of si_pid and si_uid\u0027 (bsc#1142667)\n- blk-wbt: abstract out end IO completion handler (bsc#1135873).\n- blk-wbt: fix has-sleeper queueing check (bsc#1135873).\n- blk-wbt: improve waking of tasks (bsc#1135873).\n- blk-wbt: move disable check into get_limit() (bsc#1135873).\n- blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).\n- block: add io timeout to sysfs (bsc#1148410).\n- block: do not show io_timeout if driver has no timeout handler (bsc#1148410).\n- bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).\n- bnx2x: Fix VF\u0027s VLAN reconfiguration in reload (bsc#1086323 ).\n- bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).\n- btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).\n- btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).\n- btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).\n- btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).\n- btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).\n- can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510).\n- can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510).\n- cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15).\n- cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).\n- ceph: fix directories inode i_blkbits initialization (bsc#1153717).\n- ceph: reconnect connection if session hang in opening state (bsc#1153718).\n- ceph: update the mtime when truncating up (bsc#1153719).\n- cfg80211: add and use strongly typed element iteration macros (bsc#1051510).\n- cfg80211: Purge frame registrations on iftype change (bsc#1051510).\n- clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510).\n- clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).\n- clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).\n- clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510).\n- crypto: talitos - fix missing break in switch statement (bsc#1142635).\n- cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129).\n- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129).\n- cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513).\n- cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).\n- dasd_fba: Display \u002700000000\u0027 for zero page when dumping sense\n- /dev/mem: Bail out upon SIGKILL (git-fixes).\n- drm/amdgpu: Check for valid number of registers to read (bsc#1051510).\n- drm/amdgpu/si: fix ASIC tests (git-fixes).\n- drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).\n- drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).\n- drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).\n- drm: Flush output polling on shutdown (bsc#1051510).\n- drm/msm/dsi: Implement reset correctly (bsc#1051510).\n- drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).\n- drm/radeon: Fix EEH during kexec (bsc#1051510).\n- drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510).\n- drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).\n- e1000e: add workaround for possible stalled packet (bsc#1051510).\n- firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes).\n- Fix AMD IOMMU kABI (bsc#1154610).\n- Fix KVM kABI after x86 mmu backports (bsc#1117665).\n- gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bsc#1051510).\n- HID: apple: Fix stuck function keys when using FN (bsc#1051510).\n- HID: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).\n- HID: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510).\n- HID: prodikeys: Fix general protection fault during probe (bsc#1051510).\n- HID: sony: Fix memory corruption issue on cleanup (bsc#1051510).\n- hwmon: (acpi_power_meter) Change log level for \u0027unsafe software power cap\u0027 (bsc#1051510).\n- hwrng: core - do not wait on add_early_randomness() (git-fixes).\n- i2c: riic: Clear NACK in tend isr (bsc#1051510).\n- IB/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)\n- IB/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).\n- IB/mlx5: Consolidate use_umr checks into single function (bsc#1093205).\n- IB/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).\n- IB/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).\n- ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).\n- ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n- iio: adc: ad799x: fix probe error handling (bsc#1051510).\n- iio: light: opt3001: fix mutex unlock race (bsc#1051510).\n- ima: always return negative code for error (bsc#1051510).\n- Input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).\n- iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799).\n- iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).\n- iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).\n- iommu/amd: Remove domain-\u003eupdated (bsc#1154610).\n- iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611).\n- ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510).\n- ipv6: Fix the link time qualifier of \u0027ping_v6_proc_exit_net()\u0027 (networking-stable-19_09_15).\n- ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674).\n- ixgbe: sync the first fragment unconditionally (bsc#1133140).\n- kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n- kabi/severities: Whitelist functions internal to radix mm. To call these functions you have to first detect if you are running in radix mm mode which can\u0027t be expected of OOT code.\n- kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).\n- kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578).\n- kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).\n- kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case.\n- kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875).\n- kvm: Convert kvm_lock to a mutex (bsc#1117665).\n- kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).\n- kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840).\n- kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665).\n- kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).\n- kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).\n- kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).\n- kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).\n- kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665).\n- kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).\n- libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).\n- lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).\n- mac80211: accept deauth frames in IBSS mode (bsc#1051510).\n- macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).\n- media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).\n- media: cpia2_usb: fix memory leaks (bsc#1051510).\n- media: dvb-core: fix a memory leak bug (bsc#1051510).\n- media: exynos4-is: fix leaked of_node references (bsc#1051510).\n- media: gspca: zero usb_buf on error (bsc#1051510).\n- media: hdpvr: Add device num check and handling (bsc#1051510).\n- media: hdpvr: add terminating 0 at end of string (bsc#1051510).\n- media: i2c: ov5645: Fix power sequence (bsc#1051510).\n- media: iguanair: add sanity checks (bsc#1051510).\n- media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510).\n- media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).\n- media: ov9650: add a sanity check (bsc#1051510).\n- media: radio/si470x: kill urb on error (bsc#1051510).\n- media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).\n- media: saa7146: add cleanup in hexium_attach() (bsc#1051510).\n- media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).\n- media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).\n- media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).\n- memstick: jmb38x_ms: Fix an error handling path in \u0027jmb38x_ms_probe()\u0027 (bsc#1051510).\n- mfd: intel-lpss: Remove D3cold delay (bsc#1051510).\n- mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n- mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).\n- mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).\n- mmc: sdhci: improve ADMA error reporting (bsc#1051510).\n- mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).\n- net: Fix null de-reference of device refcount (networking-stable-19_09_15).\n- net: fix skb use after free in netpoll (networking-stable-19_09_05).\n- net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15).\n- net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n- net/mlx4_en: fix a memory leak bug (bsc#1046299).\n- net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).\n- net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).\n- net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n- net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05).\n- nfc: fix attrs checks in netlink interface (bsc#1051510).\n- nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).\n- nfc: pn533: fix use-after-free and memleaks (bsc#1051510).\n- objtool: Clobber user CFLAGS variable (bsc#1153236).\n- PCI: Correct pci=resource_alignment parameter example (bsc#1051510).\n- PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).\n- PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#1153263).\n- PCI: PM: Fix pci_power_up() (bsc#1051510).\n- pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).\n- platform/x86: classmate-laptop: remove unused variable (bsc#1051510).\n- platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510).\n- powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186).\n- powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186).\n- powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).\n- powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).\n- powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).\n- powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).\n- powerpc/mm: Properly invalidate when setting process table base (bsc#1055186).\n- powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186).\n- powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186).\n- powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778).\n- powerpc/pseries: Remove confusing warning message (bsc#1109158).\n- powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778).\n- power: supply: sysfs: ratelimit property read error message (bsc#1051510).\n- Pull packaging cleanup from mkubecek.\n- qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545).\n- qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).\n- qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).\n- qed: iWARP - Use READ_ONCE and smp_store_release to access ep-\u003estate (bsc#1050536 bsc#1050545).\n- RDMA/bnxt_re: Fix spelling mistake \u0027missin_resp\u0027 -\u003e \u0027missing_resp\u0027 (bsc#1050244).\n- RDMA: Fix goto target to release the allocated memory (bsc#1050244).\n- rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).\n- sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15).\n- scripts/arch-symbols: add missing link.\n- scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845).\n- scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883).\n- scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).\n- scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291).\n- scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729).\n- sctp: Fix the link time qualifier of \u0027sctp_ctrlsock_exit()\u0027 (networking-stable-19_09_15).\n- sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15).\n- Sign non-x86 kernels when possible (boo#1134303)\n- sock_diag: fix autoloading of the raw_diag module (bsc#1152791).\n- sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791).\n- staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).\n- tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).\n- tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).\n- tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).\n- tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05).\n- thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510).\n- thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).\n- tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15).\n- tracing: Initialize iter-\u003eseq after zeroing in tracing_read_pipe() (bsc#1151508).\n- tun: fix use-after-free when register netdev failed (networking-stable-19_09_15).\n- tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).\n- Update patches.suse/NFSv4-Check-the-return-value-of-update_open_stateid.patch (boo#1154189 bsc#1154747).\n- usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).\n- usb: adutux: fix use-after-free on disconnect (bsc#1142635).\n- usb: adutux: fix use-after-free on release (bsc#1051510).\n- usb: chaoskey: fix use-after-free on release (bsc#1051510).\n- usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).\n- usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).\n- usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).\n- usb: iowarrior: fix use-after-free on release (bsc#1051510).\n- usb: legousbtower: fix deadlock on disconnect (bsc#1142635).\n- usb: legousbtower: fix open after failed reset request (bsc#1142635).\n- usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).\n- usb: legousbtower: fix slab info leak at probe (bsc#1142635).\n- usb: legousbtower: fix use-after-free on release (bsc#1051510).\n- usb: microtek: fix info-leak at probe (bsc#1142635).\n- usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).\n- usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).\n- usb: serial: fix runtime PM after driver unbind (bsc#1051510).\n- usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510).\n- usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).\n- usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).\n- usb: serial: option: add Telit FN980 compositions (bsc#1051510).\n- usb: usblcd: fix I/O after disconnect (bsc#1142635).\n- usb: usblp: fix runtime PM after driver unbind (bsc#1051510).\n- usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).\n- usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).\n- usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).\n- usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510).\n- usb: yurex: Do not retry on unexpected errors (bsc#1051510).\n- usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).\n- vfio_pci: Restore original state on release (bsc#1051510).\n- vhost_net: conditionally enable tx polling (bsc#1145099).\n- video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510).\n- watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510).\n- x86/asm: Fix MWAITX C-state hint value (bsc#1114279).\n- x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).\n- xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).\n- xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).\n- xhci: Check all endpoints for LPM timeout (bsc#1051510).\n- xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510).\n- xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).\n- xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2392",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2392-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2392-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q4WWYJXXZCGVC2OIDWXE4ESZ2GFQW5ER/#Q4WWYJXXZCGVC2OIDWXE4ESZ2GFQW5ER"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2392-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q4WWYJXXZCGVC2OIDWXE4ESZ2GFQW5ER/#Q4WWYJXXZCGVC2OIDWXE4ESZ2GFQW5ER"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1046303",
"url": "https://bugzilla.suse.com/1046303"
},
{
"category": "self",
"summary": "SUSE Bug 1046305",
"url": "https://bugzilla.suse.com/1046305"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1050536",
"url": "https://bugzilla.suse.com/1050536"
},
{
"category": "self",
"summary": "SUSE Bug 1050545",
"url": "https://bugzilla.suse.com/1050545"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1061840",
"url": "https://bugzilla.suse.com/1061840"
},
{
"category": "self",
"summary": "SUSE Bug 1064802",
"url": "https://bugzilla.suse.com/1064802"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1066129",
"url": "https://bugzilla.suse.com/1066129"
},
{
"category": "self",
"summary": "SUSE Bug 1073513",
"url": "https://bugzilla.suse.com/1073513"
},
{
"category": "self",
"summary": "SUSE Bug 1086323",
"url": "https://bugzilla.suse.com/1086323"
},
{
"category": "self",
"summary": "SUSE Bug 1087092",
"url": "https://bugzilla.suse.com/1087092"
},
{
"category": "self",
"summary": "SUSE Bug 1089644",
"url": "https://bugzilla.suse.com/1089644"
},
{
"category": "self",
"summary": "SUSE Bug 1093205",
"url": "https://bugzilla.suse.com/1093205"
},
{
"category": "self",
"summary": "SUSE Bug 1097583",
"url": "https://bugzilla.suse.com/1097583"
},
{
"category": "self",
"summary": "SUSE Bug 1097584",
"url": "https://bugzilla.suse.com/1097584"
},
{
"category": "self",
"summary": "SUSE Bug 1097585",
"url": "https://bugzilla.suse.com/1097585"
},
{
"category": "self",
"summary": "SUSE Bug 1097586",
"url": "https://bugzilla.suse.com/1097586"
},
{
"category": "self",
"summary": "SUSE Bug 1097587",
"url": "https://bugzilla.suse.com/1097587"
},
{
"category": "self",
"summary": "SUSE Bug 1097588",
"url": "https://bugzilla.suse.com/1097588"
},
{
"category": "self",
"summary": "SUSE Bug 1098291",
"url": "https://bugzilla.suse.com/1098291"
},
{
"category": "self",
"summary": "SUSE Bug 1101674",
"url": "https://bugzilla.suse.com/1101674"
},
{
"category": "self",
"summary": "SUSE Bug 1109158",
"url": "https://bugzilla.suse.com/1109158"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1117665",
"url": "https://bugzilla.suse.com/1117665"
},
{
"category": "self",
"summary": "SUSE Bug 1123080",
"url": "https://bugzilla.suse.com/1123080"
},
{
"category": "self",
"summary": "SUSE Bug 1133140",
"url": "https://bugzilla.suse.com/1133140"
},
{
"category": "self",
"summary": "SUSE Bug 1134303",
"url": "https://bugzilla.suse.com/1134303"
},
{
"category": "self",
"summary": "SUSE Bug 1135642",
"url": "https://bugzilla.suse.com/1135642"
},
{
"category": "self",
"summary": "SUSE Bug 1135854",
"url": "https://bugzilla.suse.com/1135854"
},
{
"category": "self",
"summary": "SUSE Bug 1135873",
"url": "https://bugzilla.suse.com/1135873"
},
{
"category": "self",
"summary": "SUSE Bug 1137799",
"url": "https://bugzilla.suse.com/1137799"
},
{
"category": "self",
"summary": "SUSE Bug 1140729",
"url": "https://bugzilla.suse.com/1140729"
},
{
"category": "self",
"summary": "SUSE Bug 1140845",
"url": "https://bugzilla.suse.com/1140845"
},
{
"category": "self",
"summary": "SUSE Bug 1140883",
"url": "https://bugzilla.suse.com/1140883"
},
{
"category": "self",
"summary": "SUSE Bug 1141600",
"url": "https://bugzilla.suse.com/1141600"
},
{
"category": "self",
"summary": "SUSE Bug 1142635",
"url": "https://bugzilla.suse.com/1142635"
},
{
"category": "self",
"summary": "SUSE Bug 1142667",
"url": "https://bugzilla.suse.com/1142667"
},
{
"category": "self",
"summary": "SUSE Bug 1144375",
"url": "https://bugzilla.suse.com/1144375"
},
{
"category": "self",
"summary": "SUSE Bug 1144449",
"url": "https://bugzilla.suse.com/1144449"
},
{
"category": "self",
"summary": "SUSE Bug 1145099",
"url": "https://bugzilla.suse.com/1145099"
},
{
"category": "self",
"summary": "SUSE Bug 1148410",
"url": "https://bugzilla.suse.com/1148410"
},
{
"category": "self",
"summary": "SUSE Bug 1150452",
"url": "https://bugzilla.suse.com/1150452"
},
{
"category": "self",
"summary": "SUSE Bug 1150465",
"url": "https://bugzilla.suse.com/1150465"
},
{
"category": "self",
"summary": "SUSE Bug 1150875",
"url": "https://bugzilla.suse.com/1150875"
},
{
"category": "self",
"summary": "SUSE Bug 1151508",
"url": "https://bugzilla.suse.com/1151508"
},
{
"category": "self",
"summary": "SUSE Bug 1152788",
"url": "https://bugzilla.suse.com/1152788"
},
{
"category": "self",
"summary": "SUSE Bug 1152791",
"url": "https://bugzilla.suse.com/1152791"
},
{
"category": "self",
"summary": "SUSE Bug 1153112",
"url": "https://bugzilla.suse.com/1153112"
},
{
"category": "self",
"summary": "SUSE Bug 1153158",
"url": "https://bugzilla.suse.com/1153158"
},
{
"category": "self",
"summary": "SUSE Bug 1153236",
"url": "https://bugzilla.suse.com/1153236"
},
{
"category": "self",
"summary": "SUSE Bug 1153263",
"url": "https://bugzilla.suse.com/1153263"
},
{
"category": "self",
"summary": "SUSE Bug 1153646",
"url": "https://bugzilla.suse.com/1153646"
},
{
"category": "self",
"summary": "SUSE Bug 1153713",
"url": "https://bugzilla.suse.com/1153713"
},
{
"category": "self",
"summary": "SUSE Bug 1153717",
"url": "https://bugzilla.suse.com/1153717"
},
{
"category": "self",
"summary": "SUSE Bug 1153718",
"url": "https://bugzilla.suse.com/1153718"
},
{
"category": "self",
"summary": "SUSE Bug 1153719",
"url": "https://bugzilla.suse.com/1153719"
},
{
"category": "self",
"summary": "SUSE Bug 1153811",
"url": "https://bugzilla.suse.com/1153811"
},
{
"category": "self",
"summary": "SUSE Bug 1154108",
"url": "https://bugzilla.suse.com/1154108"
},
{
"category": "self",
"summary": "SUSE Bug 1154189",
"url": "https://bugzilla.suse.com/1154189"
},
{
"category": "self",
"summary": "SUSE Bug 1154354",
"url": "https://bugzilla.suse.com/1154354"
},
{
"category": "self",
"summary": "SUSE Bug 1154372",
"url": "https://bugzilla.suse.com/1154372"
},
{
"category": "self",
"summary": "SUSE Bug 1154578",
"url": "https://bugzilla.suse.com/1154578"
},
{
"category": "self",
"summary": "SUSE Bug 1154607",
"url": "https://bugzilla.suse.com/1154607"
},
{
"category": "self",
"summary": "SUSE Bug 1154608",
"url": "https://bugzilla.suse.com/1154608"
},
{
"category": "self",
"summary": "SUSE Bug 1154610",
"url": "https://bugzilla.suse.com/1154610"
},
{
"category": "self",
"summary": "SUSE Bug 1154611",
"url": "https://bugzilla.suse.com/1154611"
},
{
"category": "self",
"summary": "SUSE Bug 1154651",
"url": "https://bugzilla.suse.com/1154651"
},
{
"category": "self",
"summary": "SUSE Bug 1154747",
"url": "https://bugzilla.suse.com/1154747"
},
{
"category": "self",
"summary": "SUSE Bug 118461_FIXME",
"url": "https://bugzilla.suse.com/118461_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 133135_FIXME",
"url": "https://bugzilla.suse.com/133135_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 135757_FIXME",
"url": "https://bugzilla.suse.com/135757_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 147830_FIXME",
"url": "https://bugzilla.suse.com/147830_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 147831_FIXME",
"url": "https://bugzilla.suse.com/147831_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 158172_FIXME",
"url": "https://bugzilla.suse.com/158172_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 165544_FIXME",
"url": "https://bugzilla.suse.com/165544_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 166495_FIXME",
"url": "https://bugzilla.suse.com/166495_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 172859_FIXME",
"url": "https://bugzilla.suse.com/172859_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 172860_FIXME",
"url": "https://bugzilla.suse.com/172860_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 181778_FIXME",
"url": "https://bugzilla.suse.com/181778_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229268_FIXME",
"url": "https://bugzilla.suse.com/229268_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229269_FIXME",
"url": "https://bugzilla.suse.com/229269_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229270_FIXME",
"url": "https://bugzilla.suse.com/229270_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229274_FIXME",
"url": "https://bugzilla.suse.com/229274_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229277_FIXME",
"url": "https://bugzilla.suse.com/229277_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229279_FIXME",
"url": "https://bugzilla.suse.com/229279_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229280_FIXME",
"url": "https://bugzilla.suse.com/229280_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229281_FIXME",
"url": "https://bugzilla.suse.com/229281_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229283_FIXME",
"url": "https://bugzilla.suse.com/229283_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229285_FIXME",
"url": "https://bugzilla.suse.com/229285_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229286_FIXME",
"url": "https://bugzilla.suse.com/229286_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 229297_FIXME",
"url": "https://bugzilla.suse.com/229297_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 296718_FIXME",
"url": "https://bugzilla.suse.com/296718_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 358767_FIXME",
"url": "https://bugzilla.suse.com/358767_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 359798_FIXME",
"url": "https://bugzilla.suse.com/359798_FIXME"
},
{
"category": "self",
"summary": "SUSE Bug 802154",
"url": "https://bugzilla.suse.com/802154"
},
{
"category": "self",
"summary": "SUSE Bug 814594",
"url": "https://bugzilla.suse.com/814594"
},
{
"category": "self",
"summary": "SUSE Bug 919448",
"url": "https://bugzilla.suse.com/919448"
},
{
"category": "self",
"summary": "SUSE Bug 987367",
"url": "https://bugzilla.suse.com/987367"
},
{
"category": "self",
"summary": "SUSE Bug 998153",
"url": "https://bugzilla.suse.com/998153"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16234 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17056 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17133 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17666 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17666/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-10-27T18:35:05Z",
"generator": {
"date": "2019-10-27T18:35:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2392-1",
"initial_release_date": "2019-10-27T18:35:05Z",
"revision_history": [
{
"date": "2019-10-27T18:35:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-devel-4.12.14-lp150.12.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-docs-4.12.14-lp150.12.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp150.12.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-macros-4.12.14-lp150.12.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-source-4.12.14-lp150.12.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-default-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-16232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16232"
}
],
"notes": [
{
"category": "general",
"text": "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16232",
"url": "https://www.suse.com/security/cve/CVE-2019-16232"
},
{
"category": "external",
"summary": "SUSE Bug 1150465 for CVE-2019-16232",
"url": "https://bugzilla.suse.com/1150465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-27T18:35:05Z",
"details": "moderate"
}
],
"title": "CVE-2019-16232"
},
{
"cve": "CVE-2019-16234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16234"
}
],
"notes": [
{
"category": "general",
"text": "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16234",
"url": "https://www.suse.com/security/cve/CVE-2019-16234"
},
{
"category": "external",
"summary": "SUSE Bug 1150452 for CVE-2019-16234",
"url": "https://bugzilla.suse.com/1150452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-27T18:35:05Z",
"details": "low"
}
],
"title": "CVE-2019-16234"
},
{
"cve": "CVE-2019-17056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17056"
}
],
"notes": [
{
"category": "general",
"text": "llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17056",
"url": "https://www.suse.com/security/cve/CVE-2019-17056"
},
{
"category": "external",
"summary": "SUSE Bug 1152788 for CVE-2019-17056",
"url": "https://bugzilla.suse.com/1152788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-27T18:35:05Z",
"details": "moderate"
}
],
"title": "CVE-2019-17056"
},
{
"cve": "CVE-2019-17133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17133",
"url": "https://www.suse.com/security/cve/CVE-2019-17133"
},
{
"category": "external",
"summary": "SUSE Bug 1153158 for CVE-2019-17133",
"url": "https://bugzilla.suse.com/1153158"
},
{
"category": "external",
"summary": "SUSE Bug 1153161 for CVE-2019-17133",
"url": "https://bugzilla.suse.com/1153161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-27T18:35:05Z",
"details": "moderate"
}
],
"title": "CVE-2019-17133"
},
{
"cve": "CVE-2019-17666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17666"
}
],
"notes": [
{
"category": "general",
"text": "rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17666",
"url": "https://www.suse.com/security/cve/CVE-2019-17666"
},
{
"category": "external",
"summary": "SUSE Bug 1154372 for CVE-2019-17666",
"url": "https://bugzilla.suse.com/1154372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.79.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.79.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-27T18:35:05Z",
"details": "moderate"
}
],
"title": "CVE-2019-17666"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…