opensuse-su-2019:2503-1
Vulnerability from csaf_opensuse
Published
2019-11-14 05:53
Modified
2019-11-14 05:53
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. (bsc#1135966)
- CVE-2019-0155: A privilege escalation vulnerability has been fixed in the i915 module that allowed batch buffers from user mode to gain super user privileges. (bsc#1135967)
- CVE-2019-16231: drivers/net/fjes/fjes_main.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466).
- CVE-2019-18805: There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6 (bnc#1156187).
- CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21 (bnc#1152782).
- CVE-2019-16995: A memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c, if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685).
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.
The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251
- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150457).
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.
The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/?id=7023735
- CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).
The following non-security bugs were fixed:
- ALSA: bebob: Fix prototype of helper function to return negative value (bsc#1051510).
- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).
- ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).
- ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
- ALSA: hda/ca0132 - Fix possible workqueue stall (bsc#1155836).
- ALSA: hda/realtek - Add support for ALC623 (bsc#1051510).
- ALSA: hda/realtek - Add support for ALC711 (bsc#1051510).
- ALSA: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).
- ALSA: timer: Fix mutex deadlock at releasing card (bsc#1051510).
- arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).
- ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
- ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).
- bpf: fix use after free in prog symbol exposure (bsc#1083647).
- btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).
- btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).
- btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
- btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).
- can: dev: call netif_carrier_off() in register_candev() (bsc#1051510).
- crypto: af_alg - consolidation of duplicate code (bsc#1154737).
- crypto: af_alg - fix race accessing cipher request (bsc#1154737).
- crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737).
- crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
- crypto: af_alg - remove locking in async callback (bsc#1154737).
- crypto: af_alg - update correct dst SGL entry (bsc#1051510).
- crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
- crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
- crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
- crypto: algif_aead - overhaul memory management (bsc#1154737).
- crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
- crypto: algif - return error code when no data was processed (bsc#1154737).
- crypto: algif_skcipher - overhaul memory management (bsc#1154737).
- cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05).
- dmaengine: bcm2835: Print error in case setting DMA mask fails (bsc#1051510).
- dmaengine: imx-sdma: fix size check for sdma script_number (bsc#1051510).
- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
- drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
- drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
- drm/i915: Allow parsing of unsized batches (bsc#1135967)
- drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
- drm/i915/cmdparser: Ignore Length operands during command matching (bsc#1135967)
- drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
- drm/i915: Disable Secure Batches for gen6+
- drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
- drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
- drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
- drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
- drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
- drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#1135967)
- drm/i915: Remove Master tables from cmdparser
- drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
- drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
- efi: cper: print AER info of PCIe fatal error (bsc#1051510).
- efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510).
- efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510).
- HID: fix error message in hid_open_report() (bsc#1051510).
- HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
- hso: fix NULL-deref on tty open (bsc#1051510).
- hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
- IB/core: Add mitigation for Spectre V1 (bsc#1155671)
- ieee802154: ca8210: prevent memory leak (bsc#1051510).
- input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
- integrity: prevent deadlock during digsig verification (bsc#1090631).
- ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05).
- ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05).
- iwlwifi: do not panic in error path on non-msix systems (bsc#1155692).
- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
- kABI workaround for crypto/af_alg changes (bsc#1154737).
- kABI workaround for drm_vma_offset_node readonly field addition (bsc#1135967)
- ksm: cleanup stable_node chain collapse case (bnc#1144338).
- ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
- ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338).
- ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338).
- ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
- KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665).
- mac80211: fix txq null pointer dereference (bsc#1051510).
- mac80211: Reject malformed SSID elements (bsc#1051510).
- md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090).
- md/raid0: fix warning message for parameter default_layout (bsc#1140090).
- Move upstreamed CA0132 fix into sorted section
- netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
- net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes).
- net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30).
- net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05).
- net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
- net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05).
- net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
- net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
- net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
- net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30).
- net_sched: add policy validation for action attributes (networking-stable-19_09_30).
- net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
- net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05).
- NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
- nl80211: fix null pointer dereference (bsc#1051510).
- openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30).
- power: supply: max14656: fix potential use-after-free (bsc#1051510).
- qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05).
- r8152: Set macpassthru in reset_resume callback (bsc#1051510).
- rds: Fix warning (bsc#1154848).
- Revert 'ALSA: hda: Flush interrupts on disabling' (bsc#1051510).
- Revert 'drm/radeon: Fix EEH during kexec' (bsc#1051510).
- Revert synaptics-rmi4 patch due to regression (bsc#1155982) Also blacklisting it
- rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119).
- s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
- s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).
- sc16is7xx: Fix for 'Unexpected interrupt: 8' (bsc#1051510).
- sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05).
- sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05).
- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
- sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30).
- scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040).
- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).
- scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034).
- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).
- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).
- scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956 LTC#182054).
- serial: fix kernel-doc warning in comments (bsc#1051510).
- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).
- serial: uartlite: fix exit path null pointer (bsc#1051510).
- skge: fix checksum byte order (networking-stable-19_09_30).
- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).
- staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#1051510).
- supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
- tipc: fix unlimited bundling of small messages (networking-stable-19_10_05).
- tracing: Get trace_array reference for available_tracers files (bsc#1156429).
- usb: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).
- usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bsc#1051510).
- usb: handle warm-reset port requests on hub resume (bsc#1051510).
- usb: ldusb: fix control-message timeout (bsc#1051510).
- usb: ldusb: fix memleak on disconnect (bsc#1051510).
- usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
- usb: ldusb: fix read info leaks (bsc#1051510).
- usb: ldusb: fix ring-buffer locking (bsc#1051510).
- usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
- usb: legousbtower: fix memleak on disconnect (bsc#1051510).
- usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
- usb: serial: whiteheat: fix line-speed endianness (bsc#1051510).
- usb: serial: whiteheat: fix potential slab corruption (bsc#1051510).
- usb-storage: Revert commit 747668dbc061 ('usb-storage: Set virt_boundary_mask to avoid SG overflows') (bsc#1051510).
- usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
- usb: usblp: fix use-after-free on disconnect (bsc#1051510).
- vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05).
- x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969).
- x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
Patchnames
openSUSE-2019-2503
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. (bsc#1135966)\n- CVE-2019-0155: A privilege escalation vulnerability has been fixed in the i915 module that allowed batch buffers from user mode to gain super user privileges. (bsc#1135967)\n- CVE-2019-16231: drivers/net/fjes/fjes_main.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466).\n- CVE-2019-18805: There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6 (bnc#1156187).\n- CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21 (bnc#1152782).\n- CVE-2019-16995: A memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c, if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685).\n- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described \u0027Microarchitectural Data Sampling\u0027 attack.\n\n The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).\n\n The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251\n\n- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150457).\n- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.\n\n The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed.\n\n More information can be found on https://www.suse.com/support/kb/doc/?id=7023735\n\n- CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).\n\nThe following non-security bugs were fixed:\n\n- ALSA: bebob: Fix prototype of helper function to return negative value (bsc#1051510).\n- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).\n- ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).\n- ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).\n- ALSA: hda/ca0132 - Fix possible workqueue stall (bsc#1155836).\n- ALSA: hda/realtek - Add support for ALC623 (bsc#1051510).\n- ALSA: hda/realtek - Add support for ALC711 (bsc#1051510).\n- ALSA: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).\n- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).\n- ALSA: timer: Fix mutex deadlock at releasing card (bsc#1051510).\n- arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).\n- ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).\n- ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).\n- bpf: fix use after free in prog symbol exposure (bsc#1083647).\n- btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).\n- btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).\n- btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).\n- btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).\n- can: dev: call netif_carrier_off() in register_candev() (bsc#1051510).\n- crypto: af_alg - consolidation of duplicate code (bsc#1154737).\n- crypto: af_alg - fix race accessing cipher request (bsc#1154737).\n- crypto: af_alg - Fix race around ctx-\u003ercvused by making it atomic_t (bsc#1154737).\n- crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).\n- crypto: af_alg - remove locking in async callback (bsc#1154737).\n- crypto: af_alg - update correct dst SGL entry (bsc#1051510).\n- crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).\n- crypto: algif_aead - copy AAD from src to dst (bsc#1154737).\n- crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).\n- crypto: algif_aead - overhaul memory management (bsc#1154737).\n- crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).\n- crypto: algif - return error code when no data was processed (bsc#1154737).\n- crypto: algif_skcipher - overhaul memory management (bsc#1154737).\n- cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05).\n- dmaengine: bcm2835: Print error in case setting DMA mask fails (bsc#1051510).\n- dmaengine: imx-sdma: fix size check for sdma script_number (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).\n- drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)\n- drm/i915: Add support for mandatory cmdparsing (bsc#1135967)\n- drm/i915: Allow parsing of unsized batches (bsc#1135967)\n- drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)\n- drm/i915/cmdparser: Ignore Length operands during command matching (bsc#1135967)\n- drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)\n- drm/i915: Disable Secure Batches for gen6+\n- drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)\n- drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)\n- drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)\n- drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)\n- drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)\n- drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#1135967)\n- drm/i915: Remove Master tables from cmdparser\n- drm/i915: Rename gen7 cmdparser tables (bsc#1135967)\n- drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)\n- efi: cper: print AER info of PCIe fatal error (bsc#1051510).\n- efi/memattr: Do not bail on zero VA if it equals the region\u0027s PA (bsc#1051510).\n- efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510).\n- HID: fix error message in hid_open_report() (bsc#1051510).\n- HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).\n- hso: fix NULL-deref on tty open (bsc#1051510).\n- hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).\n- IB/core: Add mitigation for Spectre V1 (bsc#1155671)\n- ieee802154: ca8210: prevent memory leak (bsc#1051510).\n- input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).\n- integrity: prevent deadlock during digsig verification (bsc#1090631).\n- ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05).\n- ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05).\n- iwlwifi: do not panic in error path on non-msix systems (bsc#1155692).\n- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).\n- kABI workaround for crypto/af_alg changes (bsc#1154737).\n- kABI workaround for drm_vma_offset_node readonly field addition (bsc#1135967)\n- ksm: cleanup stable_node chain collapse case (bnc#1144338).\n- ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).\n- ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338).\n- ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338).\n- ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).\n- KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665).\n- mac80211: fix txq null pointer dereference (bsc#1051510).\n- mac80211: Reject malformed SSID elements (bsc#1051510).\n- md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090).\n- md/raid0: fix warning message for parameter default_layout (bsc#1140090).\n- Move upstreamed CA0132 fix into sorted section\n- netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).\n- net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes).\n- net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30).\n- net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05).\n- net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).\n- net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05).\n- net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).\n- net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).\n- net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).\n- net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30).\n- net_sched: add policy validation for action attributes (networking-stable-19_09_30).\n- net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).\n- net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05).\n- NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).\n- nl80211: fix null pointer dereference (bsc#1051510).\n- openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30).\n- power: supply: max14656: fix potential use-after-free (bsc#1051510).\n- qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05).\n- r8152: Set macpassthru in reset_resume callback (bsc#1051510).\n- rds: Fix warning (bsc#1154848).\n- Revert \u0027ALSA: hda: Flush interrupts on disabling\u0027 (bsc#1051510).\n- Revert \u0027drm/radeon: Fix EEH during kexec\u0027 (bsc#1051510).\n- Revert synaptics-rmi4 patch due to regression (bsc#1155982) Also blacklisting it\n- rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119).\n- s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).\n- s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).\n- sc16is7xx: Fix for \u0027Unexpected interrupt: 8\u0027 (bsc#1051510).\n- sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05).\n- sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05).\n- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).\n- sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30).\n- scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040).\n- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).\n- scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034).\n- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).\n- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).\n- scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956 LTC#182054).\n- serial: fix kernel-doc warning in comments (bsc#1051510).\n- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).\n- serial: uartlite: fix exit path null pointer (bsc#1051510).\n- skge: fix checksum byte order (networking-stable-19_09_30).\n- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).\n- staging: wlan-ng: fix exit return when sme-\u003ekey_idx \u003e= NUM_WEPKEYS (bsc#1051510).\n- supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).\n- tipc: fix unlimited bundling of small messages (networking-stable-19_10_05).\n- tracing: Get trace_array reference for available_tracers files (bsc#1156429).\n- usb: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).\n- usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bsc#1051510).\n- usb: handle warm-reset port requests on hub resume (bsc#1051510).\n- usb: ldusb: fix control-message timeout (bsc#1051510).\n- usb: ldusb: fix memleak on disconnect (bsc#1051510).\n- usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).\n- usb: ldusb: fix read info leaks (bsc#1051510).\n- usb: ldusb: fix ring-buffer locking (bsc#1051510).\n- usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).\n- usb: legousbtower: fix memleak on disconnect (bsc#1051510).\n- usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).\n- usb: serial: whiteheat: fix line-speed endianness (bsc#1051510).\n- usb: serial: whiteheat: fix potential slab corruption (bsc#1051510).\n- usb-storage: Revert commit 747668dbc061 (\u0027usb-storage: Set virt_boundary_mask to avoid SG overflows\u0027) (bsc#1051510).\n- usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).\n- usb: usblp: fix use-after-free on disconnect (bsc#1051510).\n- vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05).\n- x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969).\n- x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2503",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2503-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2503-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GT2JTOAOVM6XT2DFUS6CAXI4NAAVMRVR/#GT2JTOAOVM6XT2DFUS6CAXI4NAAVMRVR"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2503-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GT2JTOAOVM6XT2DFUS6CAXI4NAAVMRVR/#GT2JTOAOVM6XT2DFUS6CAXI4NAAVMRVR"
},
{
"category": "self",
"summary": "SUSE Bug 1048942",
"url": "https://bugzilla.suse.com/1048942"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1082635",
"url": "https://bugzilla.suse.com/1082635"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1090631",
"url": "https://bugzilla.suse.com/1090631"
},
{
"category": "self",
"summary": "SUSE Bug 1096254",
"url": "https://bugzilla.suse.com/1096254"
},
{
"category": "self",
"summary": "SUSE Bug 1117665",
"url": "https://bugzilla.suse.com/1117665"
},
{
"category": "self",
"summary": "SUSE Bug 1119461",
"url": "https://bugzilla.suse.com/1119461"
},
{
"category": "self",
"summary": "SUSE Bug 1119465",
"url": "https://bugzilla.suse.com/1119465"
},
{
"category": "self",
"summary": "SUSE Bug 1123034",
"url": "https://bugzilla.suse.com/1123034"
},
{
"category": "self",
"summary": "SUSE Bug 1135966",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "self",
"summary": "SUSE Bug 1135967",
"url": "https://bugzilla.suse.com/1135967"
},
{
"category": "self",
"summary": "SUSE Bug 1137040",
"url": "https://bugzilla.suse.com/1137040"
},
{
"category": "self",
"summary": "SUSE Bug 1138190",
"url": "https://bugzilla.suse.com/1138190"
},
{
"category": "self",
"summary": "SUSE Bug 1139073",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "self",
"summary": "SUSE Bug 1140090",
"url": "https://bugzilla.suse.com/1140090"
},
{
"category": "self",
"summary": "SUSE Bug 1143706",
"url": "https://bugzilla.suse.com/1143706"
},
{
"category": "self",
"summary": "SUSE Bug 1144338",
"url": "https://bugzilla.suse.com/1144338"
},
{
"category": "self",
"summary": "SUSE Bug 1144903",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "self",
"summary": "SUSE Bug 1146612",
"url": "https://bugzilla.suse.com/1146612"
},
{
"category": "self",
"summary": "SUSE Bug 1149119",
"url": "https://bugzilla.suse.com/1149119"
},
{
"category": "self",
"summary": "SUSE Bug 1150457",
"url": "https://bugzilla.suse.com/1150457"
},
{
"category": "self",
"summary": "SUSE Bug 1150466",
"url": "https://bugzilla.suse.com/1150466"
},
{
"category": "self",
"summary": "SUSE Bug 1152624",
"url": "https://bugzilla.suse.com/1152624"
},
{
"category": "self",
"summary": "SUSE Bug 1152685",
"url": "https://bugzilla.suse.com/1152685"
},
{
"category": "self",
"summary": "SUSE Bug 1152782",
"url": "https://bugzilla.suse.com/1152782"
},
{
"category": "self",
"summary": "SUSE Bug 1153476",
"url": "https://bugzilla.suse.com/1153476"
},
{
"category": "self",
"summary": "SUSE Bug 1153509",
"url": "https://bugzilla.suse.com/1153509"
},
{
"category": "self",
"summary": "SUSE Bug 1153681",
"url": "https://bugzilla.suse.com/1153681"
},
{
"category": "self",
"summary": "SUSE Bug 1153969",
"url": "https://bugzilla.suse.com/1153969"
},
{
"category": "self",
"summary": "SUSE Bug 1154124",
"url": "https://bugzilla.suse.com/1154124"
},
{
"category": "self",
"summary": "SUSE Bug 1154526",
"url": "https://bugzilla.suse.com/1154526"
},
{
"category": "self",
"summary": "SUSE Bug 1154737",
"url": "https://bugzilla.suse.com/1154737"
},
{
"category": "self",
"summary": "SUSE Bug 1154848",
"url": "https://bugzilla.suse.com/1154848"
},
{
"category": "self",
"summary": "SUSE Bug 1154858",
"url": "https://bugzilla.suse.com/1154858"
},
{
"category": "self",
"summary": "SUSE Bug 1154905",
"url": "https://bugzilla.suse.com/1154905"
},
{
"category": "self",
"summary": "SUSE Bug 1154956",
"url": "https://bugzilla.suse.com/1154956"
},
{
"category": "self",
"summary": "SUSE Bug 1155021",
"url": "https://bugzilla.suse.com/1155021"
},
{
"category": "self",
"summary": "SUSE Bug 1155178",
"url": "https://bugzilla.suse.com/1155178"
},
{
"category": "self",
"summary": "SUSE Bug 1155179",
"url": "https://bugzilla.suse.com/1155179"
},
{
"category": "self",
"summary": "SUSE Bug 1155184",
"url": "https://bugzilla.suse.com/1155184"
},
{
"category": "self",
"summary": "SUSE Bug 1155186",
"url": "https://bugzilla.suse.com/1155186"
},
{
"category": "self",
"summary": "SUSE Bug 1155671",
"url": "https://bugzilla.suse.com/1155671"
},
{
"category": "self",
"summary": "SUSE Bug 1155692",
"url": "https://bugzilla.suse.com/1155692"
},
{
"category": "self",
"summary": "SUSE Bug 1155836",
"url": "https://bugzilla.suse.com/1155836"
},
{
"category": "self",
"summary": "SUSE Bug 1155982",
"url": "https://bugzilla.suse.com/1155982"
},
{
"category": "self",
"summary": "SUSE Bug 1156187",
"url": "https://bugzilla.suse.com/1156187"
},
{
"category": "self",
"summary": "SUSE Bug 1156429",
"url": "https://bugzilla.suse.com/1156429"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12207 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0154 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11135 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16231 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16233 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16995 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17055 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18805 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18805/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-11-14T05:53:54Z",
"generator": {
"date": "2019-11-14T05:53:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2503-1",
"initial_release_date": "2019-11-14T05:53:54Z",
"revision_history": [
{
"date": "2019-11-14T05:53:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-devel-4.12.14-lp150.12.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-docs-4.12.14-lp150.12.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp150.12.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-macros-4.12.14-lp150.12.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-source-4.12.14-lp150.12.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-default-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12207"
}
],
"notes": [
{
"category": "general",
"text": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12207",
"url": "https://www.suse.com/security/cve/CVE-2018-12207"
},
{
"category": "external",
"summary": "SUSE Bug 1117665 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1117665"
},
{
"category": "external",
"summary": "SUSE Bug 1139073 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "external",
"summary": "SUSE Bug 1152505 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1152505"
},
{
"category": "external",
"summary": "SUSE Bug 1155812 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1155812"
},
{
"category": "external",
"summary": "SUSE Bug 1155817 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1155817"
},
{
"category": "external",
"summary": "SUSE Bug 1155945 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1155945"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-12207",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2018-12207"
},
{
"cve": "CVE-2019-0154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0154"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0154",
"url": "https://www.suse.com/security/cve/CVE-2019-0154"
},
{
"category": "external",
"summary": "SUSE Bug 1135966 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "external",
"summary": "SUSE Bug 1181720 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1181720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "important"
}
],
"title": "CVE-2019-0154"
},
{
"cve": "CVE-2019-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0155"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0155",
"url": "https://www.suse.com/security/cve/CVE-2019-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1135966 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "external",
"summary": "SUSE Bug 1135967 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1135967"
},
{
"category": "external",
"summary": "SUSE Bug 1173663 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1173663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "important"
}
],
"title": "CVE-2019-0155"
},
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-11135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11135"
}
],
"notes": [
{
"category": "general",
"text": "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11135",
"url": "https://www.suse.com/security/cve/CVE-2019-11135"
},
{
"category": "external",
"summary": "SUSE Bug 1139073 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "external",
"summary": "SUSE Bug 1152497 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152497"
},
{
"category": "external",
"summary": "SUSE Bug 1152505 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152505"
},
{
"category": "external",
"summary": "SUSE Bug 1152506 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152506"
},
{
"category": "external",
"summary": "SUSE Bug 1160120 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1160120"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-11135"
},
{
"cve": "CVE-2019-16231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16231"
}
],
"notes": [
{
"category": "general",
"text": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16231",
"url": "https://www.suse.com/security/cve/CVE-2019-16231"
},
{
"category": "external",
"summary": "SUSE Bug 1150466 for CVE-2019-16231",
"url": "https://bugzilla.suse.com/1150466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-16231"
},
{
"cve": "CVE-2019-16233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16233"
}
],
"notes": [
{
"category": "general",
"text": "drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16233",
"url": "https://www.suse.com/security/cve/CVE-2019-16233"
},
{
"category": "external",
"summary": "SUSE Bug 1150457 for CVE-2019-16233",
"url": "https://bugzilla.suse.com/1150457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-16233"
},
{
"cve": "CVE-2019-16995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16995",
"url": "https://www.suse.com/security/cve/CVE-2019-16995"
},
{
"category": "external",
"summary": "SUSE Bug 1152685 for CVE-2019-16995",
"url": "https://bugzilla.suse.com/1152685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-16995"
},
{
"cve": "CVE-2019-17055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17055"
}
],
"notes": [
{
"category": "general",
"text": "base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17055",
"url": "https://www.suse.com/security/cve/CVE-2019-17055"
},
{
"category": "external",
"summary": "SUSE Bug 1152782 for CVE-2019-17055",
"url": "https://bugzilla.suse.com/1152782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-17055"
},
{
"cve": "CVE-2019-18805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18805"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18805",
"url": "https://www.suse.com/security/cve/CVE-2019-18805"
},
{
"category": "external",
"summary": "SUSE Bug 1156187 for CVE-2019-18805",
"url": "https://bugzilla.suse.com/1156187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.82.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.82.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-14T05:53:54Z",
"details": "low"
}
],
"title": "CVE-2019-18805"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…