csaf_suse - suse-su-2016:2074-1

suse-su-2016:2074-1

Vulnerability from csaf_suse

Published

2016-08-15 10:48

Modified

2016-08-15 10:48

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c (bsc#978822). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126). - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948). - CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911). - CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970). - CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892). - CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958). - CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124). - CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360). - CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125). - CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909). - CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504). - CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670). - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010). - CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512). - CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent recursive callback access, which allowed local users to cause a denial of service (deadlock) via a crafted ioctl call (bnc#968013). - CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking approach that did not consider slave timer instances, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#968011). - CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain linked lists after a close or stop action, which allowed local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions (bnc#968012). - CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect type of mutex, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#967975). - CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel did not properly maintain a certain linked list, which allowed local users to cause a denial of service (race condition and system crash) via a crafted ioctl call (bnc#967974). - CVE-2016-2544: Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time (bnc#967973). - CVE-2016-2543: The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO assignment before proceeding with FIFO clearing, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call (bnc#967972). - CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor (bnc#966693). - CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel did not properly identify error conditions, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets (bnc#966437). - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765). - CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel .4.1 allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767). - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500). - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654). - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509). - CVE-2015-7515: The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints (bnc#956708). - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354). - CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463). - CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015 (bnc#956709). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#952384). - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation (bnc#942367). - CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped (bnc#928130). The following non-security bugs were fixed: - Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201). - Fix lpfc_send_rscn_event allocation size claims bnc#935757 - Fix ntpd clock synchronization in Xen PV domains (bnc#816446). - Fix vmalloc_fault oops during lazy MMU updates (bsc#948562). - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309). - SCSI: bfa: Fix to handle firmware tskim abort request response (bsc#972510). - USB: usbip: fix potential out-of-bounds write (bnc#975945). - af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570). - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826). - mm/hugetlb: check for pte NULL pointer in __page_check_address() (bsc#977847). - nf_conntrack: fix bsc#758540 kabi fix (bsc#946117). - privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093). - s390/cio: collect format 1 channel-path description data (bsc#966460, bsc#966662). - s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662). - s390/cio: fix measurement characteristics memleak (bsc#966460, bsc#966662). - s390/cio: update measurement characteristics (bsc#966460, bsc#966662). - xfs: Fix lost direct IO write in the last block (bsc#949744).

Patchnames

slessp2-kernel-source-12693

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various security and bug fixes.\n\nThe following security bugs were fixed:\n- CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c (bsc#978822).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).\n- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948).\n- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).\n- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911).\n- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970).\n- CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892).\n- CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958).\n- CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124).\n- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360).\n- CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125).\n- CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909).\n- CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504).\n- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010).\n- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512).\n- CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent recursive callback access, which allowed local users to cause a denial of service (deadlock) via a crafted ioctl call (bnc#968013).\n- CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking approach that did not consider slave timer instances, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#968011).\n- CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain linked lists after a close or stop action, which allowed local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions (bnc#968012).\n- CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect type of mutex, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#967975).\n- CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel did not properly maintain a certain linked list, which allowed local users to cause a denial of service (race condition and system crash) via a crafted ioctl call (bnc#967974).\n- CVE-2016-2544: Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time (bnc#967973).\n- CVE-2016-2543: The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO assignment before proceeding with FIFO clearing, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call (bnc#967972).\n- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor (bnc#966693).\n- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel did not properly identify error conditions, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets (bnc#966437).\n- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).\n- CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel .4.1 allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767).\n- CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).\n- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).\n- CVE-2015-7515: The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints (bnc#956708).\n- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354).\n- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951).\n- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399).\n- CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463).\n- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015 (bnc#956709).\n- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n- CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#952384).\n- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).\n- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation (bnc#942367).\n- CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped (bnc#928130).\n\nThe following non-security bugs were fixed:\n- Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).\n- Fix lpfc_send_rscn_event allocation size claims bnc#935757\n- Fix ntpd clock synchronization in Xen PV domains (bnc#816446).\n- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).\n- Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n- SCSI: bfa: Fix to handle firmware tskim abort request response (bsc#972510).\n- USB: usbip: fix potential out-of-bounds write (bnc#975945).\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).\n- dm-snap: avoid deadock on s-\u003elock when a read is split (bsc#939826).\n- mm/hugetlb: check for pte NULL pointer in __page_check_address() (bsc#977847).\n- nf_conntrack: fix bsc#758540 kabi fix (bsc#946117).\n- privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093).\n- s390/cio: collect format 1 channel-path description data (bsc#966460, bsc#966662).\n- s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662).\n- s390/cio: fix measurement characteristics memleak (bsc#966460, bsc#966662).\n- s390/cio: update measurement characteristics (bsc#966460, bsc#966662).\n- xfs: Fix lost direct IO write in the last block (bsc#949744).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "slessp2-kernel-source-12693",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2074-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:2074-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162074-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:2074-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002207.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 816446",
        "url": "https://bugzilla.suse.com/816446"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 861093",
        "url": "https://bugzilla.suse.com/861093"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 928130",
        "url": "https://bugzilla.suse.com/928130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 935757",
        "url": "https://bugzilla.suse.com/935757"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 939826",
        "url": "https://bugzilla.suse.com/939826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 942367",
        "url": "https://bugzilla.suse.com/942367"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 945825",
        "url": "https://bugzilla.suse.com/945825"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 946117",
        "url": "https://bugzilla.suse.com/946117"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 946309",
        "url": "https://bugzilla.suse.com/946309"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 948562",
        "url": "https://bugzilla.suse.com/948562"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949744",
        "url": "https://bugzilla.suse.com/949744"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949936",
        "url": "https://bugzilla.suse.com/949936"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951440",
        "url": "https://bugzilla.suse.com/951440"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 952384",
        "url": "https://bugzilla.suse.com/952384"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953527",
        "url": "https://bugzilla.suse.com/953527"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954404",
        "url": "https://bugzilla.suse.com/954404"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 955354",
        "url": "https://bugzilla.suse.com/955354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 955654",
        "url": "https://bugzilla.suse.com/955654"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956708",
        "url": "https://bugzilla.suse.com/956708"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956709",
        "url": "https://bugzilla.suse.com/956709"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958463",
        "url": "https://bugzilla.suse.com/958463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958886",
        "url": "https://bugzilla.suse.com/958886"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958951",
        "url": "https://bugzilla.suse.com/958951"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959190",
        "url": "https://bugzilla.suse.com/959190"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959399",
        "url": "https://bugzilla.suse.com/959399"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 961500",
        "url": "https://bugzilla.suse.com/961500"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 961509",
        "url": "https://bugzilla.suse.com/961509"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 961512",
        "url": "https://bugzilla.suse.com/961512"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 963765",
        "url": "https://bugzilla.suse.com/963765"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 963767",
        "url": "https://bugzilla.suse.com/963767"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 964201",
        "url": "https://bugzilla.suse.com/964201"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966437",
        "url": "https://bugzilla.suse.com/966437"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966460",
        "url": "https://bugzilla.suse.com/966460"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966662",
        "url": "https://bugzilla.suse.com/966662"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966693",
        "url": "https://bugzilla.suse.com/966693"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 967972",
        "url": "https://bugzilla.suse.com/967972"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 967973",
        "url": "https://bugzilla.suse.com/967973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 967974",
        "url": "https://bugzilla.suse.com/967974"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 967975",
        "url": "https://bugzilla.suse.com/967975"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968010",
        "url": "https://bugzilla.suse.com/968010"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968011",
        "url": "https://bugzilla.suse.com/968011"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968012",
        "url": "https://bugzilla.suse.com/968012"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968013",
        "url": "https://bugzilla.suse.com/968013"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968670",
        "url": "https://bugzilla.suse.com/968670"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970504",
        "url": "https://bugzilla.suse.com/970504"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970892",
        "url": "https://bugzilla.suse.com/970892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970909",
        "url": "https://bugzilla.suse.com/970909"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970911",
        "url": "https://bugzilla.suse.com/970911"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970948",
        "url": "https://bugzilla.suse.com/970948"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970956",
        "url": "https://bugzilla.suse.com/970956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970958",
        "url": "https://bugzilla.suse.com/970958"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970970",
        "url": "https://bugzilla.suse.com/970970"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971124",
        "url": "https://bugzilla.suse.com/971124"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971125",
        "url": "https://bugzilla.suse.com/971125"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971126",
        "url": "https://bugzilla.suse.com/971126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971360",
        "url": "https://bugzilla.suse.com/971360"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 972510",
        "url": "https://bugzilla.suse.com/972510"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 973570",
        "url": "https://bugzilla.suse.com/973570"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 975945",
        "url": "https://bugzilla.suse.com/975945"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 977847",
        "url": "https://bugzilla.suse.com/977847"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 978822",
        "url": "https://bugzilla.suse.com/978822"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-2015 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-2015/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-7446 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-7446/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0272 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0272/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3339 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5307 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5307/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6252 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6252/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7509 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7509/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7515 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7515/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7550 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7566 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7566/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7799 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8104 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8104/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8215 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8215/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8543 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8569 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8569/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8575 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8575/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8767 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8767/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8785 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8812 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8812/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8816 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-0723 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-0723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2069 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2069/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2143 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2143/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2184 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2185 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2186 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2188 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2384 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2543 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2544 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2544/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2545 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2545/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2546 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2546/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2547 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2548 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2548/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2549 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2549/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2782 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2782/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2847 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3134 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3134/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3137 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3137/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3138 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3138/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3139 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3139/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3140 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3156 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4486 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4486/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2016-08-15T10:48:57Z",
      "generator": {
        "date": "2016-08-15T10:48:57Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:2074-1",
      "initial_release_date": "2016-08-15T10:48:57Z",
      "revision_history": [
        {
          "date": "2016-08-15T10:48:57Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-default-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-default-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-default-base-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-default-base-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-default-devel-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-default-devel-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-ec2-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-ec2-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-base-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-ec2-base-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-ec2-base-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-ec2-devel-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-ec2-devel-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-pae-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-pae-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-base-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-pae-base-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-pae-base-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-devel-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-pae-devel-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-pae-devel-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-source-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-source-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-syms-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-syms-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-trace-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-trace-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-trace-base-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-trace-base-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-trace-devel-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-xen-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-xen-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-xen-base-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-xen-base-3.0.101-0.7.40.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.0.101-0.7.40.1.i586",
                "product": {
                  "name": "kernel-xen-devel-3.0.101-0.7.40.1.i586",
                  "product_id": "kernel-xen-devel-3.0.101-0.7.40.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-default-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-default-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-default-base-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-default-base-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-default-devel-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-default-devel-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-default-man-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-default-man-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-source-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-source-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-syms-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-syms-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-trace-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-trace-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-trace-base-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-trace-base-3.0.101-0.7.40.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-0.7.40.1.s390x",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-0.7.40.1.s390x",
                  "product_id": "kernel-trace-devel-3.0.101-0.7.40.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-default-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-default-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-default-base-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-default-base-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-default-devel-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-ec2-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-ec2-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-ec2-base-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-ec2-devel-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-source-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-source-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-syms-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-syms-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-trace-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-trace-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-trace-base-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-trace-base-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-trace-devel-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-xen-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-xen-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-xen-base-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-xen-base-3.0.101-0.7.40.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.0.101-0.7.40.1.x86_64",
                "product": {
                  "name": "kernel-xen-devel-3.0.101-0.7.40.1.x86_64",
                  "product_id": "kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-default-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-default-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-default-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-default-base-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-default-base-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-default-devel-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-default-devel-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-default-man-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-ec2-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-ec2-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-base-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-ec2-base-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-base-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-ec2-devel-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-pae-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-pae-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-pae-base-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-pae-base-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-pae-devel-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-pae-devel-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-source-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-source-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-source-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-syms-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-syms-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-syms-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-trace-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-trace-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-trace-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-base-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-trace-base-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-base-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-trace-base-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-base-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-trace-base-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-devel-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-trace-devel-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-devel-3.0.101-0.7.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x"
        },
        "product_reference": "kernel-trace-devel-3.0.101-0.7.40.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-devel-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-xen-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-xen-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-xen-base-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.0.101-0.7.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586"
        },
        "product_reference": "kernel-xen-devel-3.0.101-0.7.40.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.0.101-0.7.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.0.101-0.7.40.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-2015",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-2015"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-2015",
          "url": "https://www.suse.com/security/cve/CVE-2013-2015"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 817377 for CVE-2013-2015",
          "url": "https://bugzilla.suse.com/817377"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2013-2015"
    },
    {
      "cve": "CVE-2013-7446",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-7446"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-7446",
          "url": "https://www.suse.com/security/cve/CVE-2013-7446"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2013-7446",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955654 for CVE-2013-7446",
          "url": "https://bugzilla.suse.com/955654"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955837 for CVE-2013-7446",
          "url": "https://bugzilla.suse.com/955837"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-7446"
    },
    {
      "cve": "CVE-2015-0272",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0272"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0272",
          "url": "https://www.suse.com/security/cve/CVE-2015-0272"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-0272",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 944296 for CVE-2015-0272",
          "url": "https://bugzilla.suse.com/944296"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-0272",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955354 for CVE-2015-0272",
          "url": "https://bugzilla.suse.com/955354"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-0272"
    },
    {
      "cve": "CVE-2015-3339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3339",
          "url": "https://www.suse.com/security/cve/CVE-2015-3339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 903967 for CVE-2015-3339",
          "url": "https://bugzilla.suse.com/903967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928130 for CVE-2015-3339",
          "url": "https://bugzilla.suse.com/928130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 939263 for CVE-2015-3339",
          "url": "https://bugzilla.suse.com/939263"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3339"
    },
    {
      "cve": "CVE-2015-5307",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5307"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5307",
          "url": "https://www.suse.com/security/cve/CVE-2015-5307"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953527 for CVE-2015-5307",
          "url": "https://bugzilla.suse.com/953527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954018 for CVE-2015-5307",
          "url": "https://bugzilla.suse.com/954018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954404 for CVE-2015-5307",
          "url": "https://bugzilla.suse.com/954404"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954405 for CVE-2015-5307",
          "url": "https://bugzilla.suse.com/954405"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 962977 for CVE-2015-5307",
          "url": "https://bugzilla.suse.com/962977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-5307"
    },
    {
      "cve": "CVE-2015-6252",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6252"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6252",
          "url": "https://www.suse.com/security/cve/CVE-2015-6252"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 942367 for CVE-2015-6252",
          "url": "https://bugzilla.suse.com/942367"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6252"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7509",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7509"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7509",
          "url": "https://www.suse.com/security/cve/CVE-2015-7509"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7509",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956707 for CVE-2015-7509",
          "url": "https://bugzilla.suse.com/956707"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956709 for CVE-2015-7509",
          "url": "https://bugzilla.suse.com/956709"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956766 for CVE-2015-7509",
          "url": "https://bugzilla.suse.com/956766"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7509"
    },
    {
      "cve": "CVE-2015-7515",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7515"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7515",
          "url": "https://www.suse.com/security/cve/CVE-2015-7515"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7515",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956708 for CVE-2015-7515",
          "url": "https://bugzilla.suse.com/956708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7515"
    },
    {
      "cve": "CVE-2015-7550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7550",
          "url": "https://www.suse.com/security/cve/CVE-2015-7550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958951 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/958951"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7550"
    },
    {
      "cve": "CVE-2015-7566",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7566"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7566",
          "url": "https://www.suse.com/security/cve/CVE-2015-7566"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7566",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961512 for CVE-2015-7566",
          "url": "https://bugzilla.suse.com/961512"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7566"
    },
    {
      "cve": "CVE-2015-7799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7799",
          "url": "https://www.suse.com/security/cve/CVE-2015-7799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7799",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-7799",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 949936 for CVE-2015-7799",
          "url": "https://bugzilla.suse.com/949936"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7799",
          "url": "https://bugzilla.suse.com/951638"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7799"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8104",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8104"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8104",
          "url": "https://www.suse.com/security/cve/CVE-2015-8104"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215748 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/1215748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953527 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/953527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954018 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/954018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954404 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/954404"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954405 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/954405"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 962977 for CVE-2015-8104",
          "url": "https://bugzilla.suse.com/962977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-8104"
    },
    {
      "cve": "CVE-2015-8215",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8215"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272.  NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8215",
          "url": "https://www.suse.com/security/cve/CVE-2015-8215"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8215",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-8215",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 944296 for CVE-2015-8215",
          "url": "https://bugzilla.suse.com/944296"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-8215",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955354 for CVE-2015-8215",
          "url": "https://bugzilla.suse.com/955354"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8215"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    },
    {
      "cve": "CVE-2015-8543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8543",
          "url": "https://www.suse.com/security/cve/CVE-2015-8543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958886 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/958886"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/963994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969522 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/969522"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8543"
    },
    {
      "cve": "CVE-2015-8569",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8569"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8569",
          "url": "https://www.suse.com/security/cve/CVE-2015-8569"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959190 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/959190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959399 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/959399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8569"
    },
    {
      "cve": "CVE-2015-8575",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8575"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8575",
          "url": "https://www.suse.com/security/cve/CVE-2015-8575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959190 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/959190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959399 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/959399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8575"
    },
    {
      "cve": "CVE-2015-8767",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8767"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8767",
          "url": "https://www.suse.com/security/cve/CVE-2015-8767"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8767",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8767",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961509 for CVE-2015-8767",
          "url": "https://bugzilla.suse.com/961509"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8767"
    },
    {
      "cve": "CVE-2015-8785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8785",
          "url": "https://www.suse.com/security/cve/CVE-2015-8785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8785",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963765 for CVE-2015-8785",
          "url": "https://bugzilla.suse.com/963765"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8785"
    },
    {
      "cve": "CVE-2015-8812",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8812"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8812",
          "url": "https://www.suse.com/security/cve/CVE-2015-8812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8812",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8812",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966437 for CVE-2015-8812",
          "url": "https://bugzilla.suse.com/966437"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966683 for CVE-2015-8812",
          "url": "https://bugzilla.suse.com/966683"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8812"
    },
    {
      "cve": "CVE-2015-8816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8816",
          "url": "https://www.suse.com/security/cve/CVE-2015-8816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968010 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/968010"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 979064 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/979064"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8816"
    },
    {
      "cve": "CVE-2016-0723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-0723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-0723",
          "url": "https://www.suse.com/security/cve/CVE-2016-0723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-0723",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961500 for CVE-2016-0723",
          "url": "https://bugzilla.suse.com/961500"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-0723"
    },
    {
      "cve": "CVE-2016-2069",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2069"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2069",
          "url": "https://www.suse.com/security/cve/CVE-2016-2069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2069",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2016-2069",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2016-2069",
          "url": "https://bugzilla.suse.com/870618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963767 for CVE-2016-2069",
          "url": "https://bugzilla.suse.com/963767"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2069"
    },
    {
      "cve": "CVE-2016-2143",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2143"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2143",
          "url": "https://www.suse.com/security/cve/CVE-2016-2143"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970504 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/970504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 993872 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/993872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2143"
    },
    {
      "cve": "CVE-2016-2184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2184",
          "url": "https://www.suse.com/security/cve/CVE-2016-2184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2184",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971125 for CVE-2016-2184",
          "url": "https://bugzilla.suse.com/971125"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2184"
    },
    {
      "cve": "CVE-2016-2185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2185",
          "url": "https://www.suse.com/security/cve/CVE-2016-2185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2185",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971124 for CVE-2016-2185",
          "url": "https://bugzilla.suse.com/971124"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2185"
    },
    {
      "cve": "CVE-2016-2186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2186",
          "url": "https://www.suse.com/security/cve/CVE-2016-2186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2186",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970958 for CVE-2016-2186",
          "url": "https://bugzilla.suse.com/970958"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2186"
    },
    {
      "cve": "CVE-2016-2188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2188",
          "url": "https://www.suse.com/security/cve/CVE-2016-2188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1067912 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1067912"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132190 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1132190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970956 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/970956"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2188"
    },
    {
      "cve": "CVE-2016-2384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2384",
          "url": "https://www.suse.com/security/cve/CVE-2016-2384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2384",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966693 for CVE-2016-2384",
          "url": "https://bugzilla.suse.com/966693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967773 for CVE-2016-2384",
          "url": "https://bugzilla.suse.com/967773"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2384"
    },
    {
      "cve": "CVE-2016-2543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2543",
          "url": "https://www.suse.com/security/cve/CVE-2016-2543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2543",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967972 for CVE-2016-2543",
          "url": "https://bugzilla.suse.com/967972"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2543"
    },
    {
      "cve": "CVE-2016-2544",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2544"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2544",
          "url": "https://www.suse.com/security/cve/CVE-2016-2544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2544",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967973 for CVE-2016-2544",
          "url": "https://bugzilla.suse.com/967973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2544"
    },
    {
      "cve": "CVE-2016-2545",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2545"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2545",
          "url": "https://www.suse.com/security/cve/CVE-2016-2545"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2545",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967974 for CVE-2016-2545",
          "url": "https://bugzilla.suse.com/967974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2545"
    },
    {
      "cve": "CVE-2016-2546",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2546"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2546",
          "url": "https://www.suse.com/security/cve/CVE-2016-2546"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2546",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967975 for CVE-2016-2546",
          "url": "https://bugzilla.suse.com/967975"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2546"
    },
    {
      "cve": "CVE-2016-2547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2547",
          "url": "https://www.suse.com/security/cve/CVE-2016-2547"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2547",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968011 for CVE-2016-2547",
          "url": "https://bugzilla.suse.com/968011"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2547"
    },
    {
      "cve": "CVE-2016-2548",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2548"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2548",
          "url": "https://www.suse.com/security/cve/CVE-2016-2548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2548",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968012 for CVE-2016-2548",
          "url": "https://bugzilla.suse.com/968012"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2548"
    },
    {
      "cve": "CVE-2016-2549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2549",
          "url": "https://www.suse.com/security/cve/CVE-2016-2549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2549",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968013 for CVE-2016-2549",
          "url": "https://bugzilla.suse.com/968013"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2549"
    },
    {
      "cve": "CVE-2016-2782",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2782"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2782",
          "url": "https://www.suse.com/security/cve/CVE-2016-2782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961512 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/961512"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968670 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/968670"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2782"
    },
    {
      "cve": "CVE-2016-2847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2847",
          "url": "https://www.suse.com/security/cve/CVE-2016-2847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970948 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/970948"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 974646 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/974646"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2847"
    },
    {
      "cve": "CVE-2016-3134",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3134"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3134",
          "url": "https://www.suse.com/security/cve/CVE-2016-3134"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971126 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/971126"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971793 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/971793"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986362 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/986362"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986365 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/986365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986377 for CVE-2016-3134",
          "url": "https://bugzilla.suse.com/986377"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3134"
    },
    {
      "cve": "CVE-2016-3137",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3137"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3137",
          "url": "https://www.suse.com/security/cve/CVE-2016-3137"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3137",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970970 for CVE-2016-3137",
          "url": "https://bugzilla.suse.com/970970"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3137"
    },
    {
      "cve": "CVE-2016-3138",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3138"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3138",
          "url": "https://www.suse.com/security/cve/CVE-2016-3138"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970911 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/970911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970970 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/970970"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3138"
    },
    {
      "cve": "CVE-2016-3139",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3139"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3139",
          "url": "https://www.suse.com/security/cve/CVE-2016-3139"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3139",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970909 for CVE-2016-3139",
          "url": "https://bugzilla.suse.com/970909"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3139"
    },
    {
      "cve": "CVE-2016-3140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3140",
          "url": "https://www.suse.com/security/cve/CVE-2016-3140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3140",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970892 for CVE-2016-3140",
          "url": "https://bugzilla.suse.com/970892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3140"
    },
    {
      "cve": "CVE-2016-3156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3156",
          "url": "https://www.suse.com/security/cve/CVE-2016-3156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3156",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971360 for CVE-2016-3156",
          "url": "https://bugzilla.suse.com/971360"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3156"
    },
    {
      "cve": "CVE-2016-4486",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4486"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
          "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4486",
          "url": "https://www.suse.com/security/cve/CVE-2016-4486"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-4486",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 978822 for CVE-2016-4486",
          "url": "https://bugzilla.suse.com/978822"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.s390x",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.40.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.i586",
            "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.40.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-08-15T10:48:57Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-4486"
    }
  ]
}

CVE-2015-0272 (GCVE-0-2015-0272)

Vulnerability from cvelistv5

Published

2015-11-17 15:00

Modified

2024-08-06 04:03

Severity ?

CWE

Summary

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2792-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/76814	vdb-entry, x_refsource_BID
	http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1192132	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:03:10.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:2292",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
          },
          {
            "name": "USN-2792-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2792-1"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "76814",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76814"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T22:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:2292",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
        },
        {
          "name": "USN-2792-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2792-1"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "76814",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76814"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-0272",
    "datePublished": "2015-11-17T15:00:00",
    "dateReserved": "2014-11-18T00:00:00",
    "dateUpdated": "2024-08-06T04:03:10.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2548 (GCVE-0-2016-2548)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83383	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1035306	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1311568	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "name": "83383",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83383"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "1035306",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311568"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "name": "83383",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83383"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "1035306",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311568"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2548",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "83383",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83383"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "1035306",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035306"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311568",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311568"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2548",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2847 (GCVE-0-2016-2847)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1313428	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2949-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/83870	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2947-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/03/01/3	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2947-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2947-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2946-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0217.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2946-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:21.204Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313428"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2949-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2949-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "83870",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83870"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2947-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-3"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160301 CVE request -- linux kernel: pipe: limit the per-user amount of pages allocated in pipes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/03/01/3"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "USN-2947-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-2"
          },
          {
            "name": "USN-2947-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52"
          },
          {
            "name": "USN-2946-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2946-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "RHSA-2017:0217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-0217.html"
          },
          {
            "name": "USN-2948-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-1"
          },
          {
            "name": "USN-2946-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2946-1"
          },
          {
            "name": "USN-2948-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-2"
          },
          {
            "name": "SUSE-SU-2016:1937",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313428"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2949-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2949-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "83870",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83870"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2947-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-3"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160301 CVE request -- linux kernel: pipe: limit the per-user amount of pages allocated in pipes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/03/01/3"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "USN-2947-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-2"
        },
        {
          "name": "USN-2947-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52"
        },
        {
          "name": "USN-2946-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2946-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "RHSA-2017:0217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-0217.html"
        },
        {
          "name": "USN-2948-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-1"
        },
        {
          "name": "USN-2946-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2946-1"
        },
        {
          "name": "USN-2948-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-2"
        },
        {
          "name": "SUSE-SU-2016:1937",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2847",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-03-06T00:00:00",
    "dateUpdated": "2024-08-05T23:32:21.204Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7515 (GCVE-0-2015-7515)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-06 07:51

Severity ?

CWE

Summary

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	https://security-tracker.debian.org/tracker/CVE-2015-7515	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/84288	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1285326	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	https://www.exploit-db.com/exploits/39544/	exploit, x_refsource_EXPLOIT-DB
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:28.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2015-7515"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "name": "84288",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84288"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "39544",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39544/"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2015-7515"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "name": "84288",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84288"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "39544",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39544/"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7515",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:28.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8569 (GCVE-0-2015-8569)

Vulnerability from cvelistv5

Published

2015-12-28 11:00

Modified

2024-08-06 08:20

Severity ?

CWE

Summary

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

References

►

URL

Tags

	http://www.openwall.com/lists/oss-security/2015/12/15/11	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/79428	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1	x_refsource_CONFIRM
	http://twitter.com/grsecurity/statuses/676744240802750464	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	https://lkml.org/lkml/2015/12/14/252	mailing-list, x_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034549	vdb-entry, x_refsource_SECTRACK
	https://bugzilla.redhat.com/show_bug.cgi?id=1292045	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3434	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:20:43.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "name": "79428",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79428"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://twitter.com/grsecurity/statuses/676744240802750464"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "[linux-kernel] 20151214 Information leak in pptp_bind",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2015/12/14/252"
          },
          {
            "name": "FEDORA-2016-5d43766e33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
          },
          {
            "name": "1034549",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "name": "DSA-3434",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3434"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:16:06",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "name": "79428",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79428"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://twitter.com/grsecurity/statuses/676744240802750464"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "[linux-kernel] 20151214 Information leak in pptp_bind",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2015/12/14/252"
        },
        {
          "name": "FEDORA-2016-5d43766e33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
        },
        {
          "name": "1034549",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "name": "DSA-3434",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3434"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2015-8569",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/12/15/11"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2890-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-3"
            },
            {
              "name": "79428",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79428"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
            },
            {
              "name": "http://twitter.com/grsecurity/statuses/676744240802750464",
              "refsource": "MISC",
              "url": "http://twitter.com/grsecurity/statuses/676744240802750464"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "[linux-kernel] 20151214 Information leak in pptp_bind",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2015/12/14/252"
            },
            {
              "name": "FEDORA-2016-5d43766e33",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2890-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/09ccfd238e5a0e670d8178cf50180ea81ae09ae1"
            },
            {
              "name": "1034549",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034549"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292045"
            },
            {
              "name": "USN-2890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-1"
            },
            {
              "name": "DSA-3434",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3434"
            },
            {
              "name": "USN-2888-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2888-1"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2015-8569",
    "datePublished": "2015-12-28T11:00:00",
    "dateReserved": "2015-12-15T00:00:00",
    "dateUpdated": "2024-08-06T08:20:43.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8543 (GCVE-0-2015-8543)

Vulnerability from cvelistv5

Published

2015-12-28 11:00

Modified

2024-08-06 08:20

Severity ?

CWE

Summary

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1034892	vdb-entry, x_refsource_SECTRACK
	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/79698	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9	x_refsource_CONFIRM
	http://www.debian.org/security/2015/dsa-3426	vendor-advisory, x_refsource_DEBIAN
	http://www.openwall.com/lists/oss-security/2015/12/09/5	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1290475	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3434	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:20:43.195Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:0855",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
          },
          {
            "name": "1034892",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034892"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "79698",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79698"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9"
          },
          {
            "name": "DSA-3426",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3426"
          },
          {
            "name": "[oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/12/09/5"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475"
          },
          {
            "name": "DSA-3434",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3434"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:0855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
        },
        {
          "name": "1034892",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034892"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "79698",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79698"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9"
        },
        {
          "name": "DSA-3426",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3426"
        },
        {
          "name": "[oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/12/09/5"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475"
        },
        {
          "name": "DSA-3434",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3434"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:0855",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
            },
            {
              "name": "1034892",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034892"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2890-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-3"
            },
            {
              "name": "RHSA-2016:2584",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "79698",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79698"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2890-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9"
            },
            {
              "name": "DSA-3426",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3426"
            },
            {
              "name": "[oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/12/09/5"
            },
            {
              "name": "USN-2890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475"
            },
            {
              "name": "DSA-3434",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3434"
            },
            {
              "name": "USN-2888-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2888-1"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8543",
    "datePublished": "2015-12-28T11:00:00",
    "dateReserved": "2015-12-11T00:00:00",
    "dateUpdated": "2024-08-06T08:20:43.195Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2143 (GCVE-0-2016-2143)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:17

Severity ?

CWE

Summary

The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2766.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/3446c13b268af86391d06611327006b059b8bab1	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	https://security-tracker.debian.org/tracker/CVE-2016-2143	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2016-1539.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.621Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1"
          },
          {
            "name": "RHSA-2016:2766",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2766.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/3446c13b268af86391d06611327006b059b8bab1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2016-2143"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "RHSA-2016:1539",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1539.html"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1"
        },
        {
          "name": "RHSA-2016:2766",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2766.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/3446c13b268af86391d06611327006b059b8bab1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2016-2143"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "RHSA-2016:1539",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1539.html"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2143",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.621Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8785 (GCVE-0-2015-8785)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

References

►

URL

Tags

	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1290642	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/81688	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/01/24/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290642"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "81688",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/81688"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "[oss-security] 20160124 CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages()",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/24/1"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290642"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "81688",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/81688"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "[oss-security] 20160124 CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages()",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/24/1"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2015-8785",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1290642",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290642"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/3ca8138f014a913f98e6ef40e939868e1e9ea876"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "81688",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/81688"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ca8138f014a913f98e6ef40e939868e1e9ea876"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
            },
            {
              "name": "[oss-security] 20160124 CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages()",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/24/1"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2015-8785",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2016-01-24T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3139 (GCVE-0-2016-3139)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	https://www.exploit-db.com/exploits/39538/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1316993	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1283377	x_refsource_CONFIRM
	https://security-tracker.debian.org/tracker/CVE-2016-3139	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1283375	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39538",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39538/"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2016-3139"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:16:07",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "39538",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39538/"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2016-3139"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2016-3139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "39538",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39538/"
            },
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377"
            },
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2016-3139",
              "refsource": "CONFIRM",
              "url": "https://security-tracker.debian.org/tracker/CVE-2016-3139"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "SUSE-SU-2016:1019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-3139",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-03-13T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-2015 (GCVE-0-2013-2015)

Vulnerability from cvelistv5

Published

2013-04-29 10:00

Modified

2024-08-06 15:20

Severity ?

CWE

Summary

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.

References

►

URL

Tags

	https://github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3	x_refsource_CONFIRM
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=957123	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2013/04/26/16	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:20:37.496Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957123"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "[oss-security] 20130426 Re: CVE request: Linux kernel: ext4: hang during mount(8)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/04/26/16"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957123"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "[oss-security] 20130426 Re: CVE request: Linux kernel: ext4: hang during mount(8)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/04/26/16"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-2015",
    "datePublished": "2013-04-29T10:00:00",
    "dateReserved": "2013-02-19T00:00:00",
    "dateUpdated": "2024-08-06T15:20:37.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2184 (GCVE-0-2016-2184)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:17

Severity ?

CWE

Summary

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://seclists.org/bugtraq/2016/Mar/89	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/84340	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1317012	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://seclists.org/bugtraq/2016/Mar/88	mailing-list, x_refsource_BUGTRAQ
	http://seclists.org/bugtraq/2016/Mar/102	mailing-list, x_refsource_BUGTRAQ
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/39555/	exploit, x_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "20160310 oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/89"
          },
          {
            "name": "84340",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84340"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317012"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2016-11-01.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "20160310 oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/88"
          },
          {
            "name": "20160314 Re: oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/102"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "39555",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39555/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "20160310 oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/89"
        },
        {
          "name": "84340",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84340"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317012"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2016-11-01.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "20160310 oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/88"
        },
        {
          "name": "20160314 Re: oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/102"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "39555",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39555/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2184",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2384 (GCVE-0-2016-2384)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:24

Severity ?

CWE

Summary

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

References

►

URL

Tags

	http://www.securitytracker.com/id/1035072	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/02/14/2	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1308444	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2928-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2928-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83256	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:49.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035072",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035072"
          },
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "[oss-security] 20160214 CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/02/14/2"
          },
          {
            "name": "SUSE-SU-2016:1038",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
          },
          {
            "name": "SUSE-SU-2016:1033",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "SUSE-SU-2016:1034",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "SUSE-SU-2016:1035",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "SUSE-SU-2016:1031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7"
          },
          {
            "name": "RHSA-2017:0817",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:1037",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
          },
          {
            "name": "SUSE-SU-2016:1045",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:1032",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
          },
          {
            "name": "SUSE-SU-2016:1039",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "SUSE-SU-2016:1041",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
          },
          {
            "name": "SUSE-SU-2016:1046",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7"
          },
          {
            "name": "USN-2928-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2928-1"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2928-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2928-2"
          },
          {
            "name": "83256",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83256"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:1040",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "1035072",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035072"
        },
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "[oss-security] 20160214 CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/02/14/2"
        },
        {
          "name": "SUSE-SU-2016:1038",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
        },
        {
          "name": "SUSE-SU-2016:1033",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "SUSE-SU-2016:1034",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "SUSE-SU-2016:1035",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "SUSE-SU-2016:1031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7"
        },
        {
          "name": "RHSA-2017:0817",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:1037",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
        },
        {
          "name": "SUSE-SU-2016:1045",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:1032",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
        },
        {
          "name": "SUSE-SU-2016:1039",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "SUSE-SU-2016:1041",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
        },
        {
          "name": "SUSE-SU-2016:1046",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7"
        },
        {
          "name": "USN-2928-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2928-1"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2928-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2928-2"
        },
        {
          "name": "83256",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83256"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:1040",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-2384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035072",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035072"
            },
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "[oss-security] 20160214 CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/02/14/2"
            },
            {
              "name": "SUSE-SU-2016:1038",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
            },
            {
              "name": "SUSE-SU-2016:1033",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "SUSE-SU-2016:1034",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
            },
            {
              "name": "RHSA-2016:2584",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
            },
            {
              "name": "SUSE-SU-2016:1035",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "SUSE-SU-2016:1031",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384",
              "refsource": "MISC",
              "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7"
            },
            {
              "name": "RHSA-2017:0817",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444"
            },
            {
              "name": "SUSE-SU-2016:1019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:1037",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
            },
            {
              "name": "SUSE-SU-2016:1045",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:1032",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
            },
            {
              "name": "SUSE-SU-2016:1039",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "SUSE-SU-2016:1041",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
            },
            {
              "name": "SUSE-SU-2016:1046",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7"
            },
            {
              "name": "USN-2928-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2928-1"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2928-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2928-2"
            },
            {
              "name": "83256",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83256"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:1040",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-2384",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-14T00:00:00",
    "dateUpdated": "2024-08-05T23:24:49.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8575 (GCVE-0-2015-8575)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 08:20

Severity ?

CWE

Summary

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

References

►

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1292840	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2015/12/16/3	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/79724	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3434	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:20:43.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"
          },
          {
            "name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"
          },
          {
            "name": "79724",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79724"
          },
          {
            "name": "FEDORA-2016-5d43766e33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "name": "DSA-3434",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3434"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:16:03",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"
        },
        {
          "name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"
        },
        {
          "name": "79724",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79724"
        },
        {
          "name": "FEDORA-2016-5d43766e33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "name": "DSA-3434",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3434"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2015-8575",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292840"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"
            },
            {
              "name": "[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/12/16/3"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2890-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-3"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/5233252fce714053f0151680933571a2da9cbfb4"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4"
            },
            {
              "name": "79724",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79724"
            },
            {
              "name": "FEDORA-2016-5d43766e33",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2890-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-2"
            },
            {
              "name": "USN-2890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-1"
            },
            {
              "name": "DSA-3434",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3434"
            },
            {
              "name": "USN-2888-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2888-1"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2015-8575",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2015-12-16T00:00:00",
    "dateUpdated": "2024-08-06T08:20:43.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3138 (GCVE-0-2016-3138)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/03/14/4	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1316204	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cdc_acm driver)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/03/14/4"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316204"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:49",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cdc_acm driver)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/03/14/4"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316204"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2016-3138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2971-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-2"
            },
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "SUSE-SU-2016:1696",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
            },
            {
              "name": "USN-2970-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2970-1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9"
            },
            {
              "name": "USN-2969-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2969-1"
            },
            {
              "name": "USN-2968-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-1"
            },
            {
              "name": "USN-2971-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-3"
            },
            {
              "name": "USN-2997-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2997-1"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "USN-2971-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-1"
            },
            {
              "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cdc_acm driver)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/03/14/4"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "USN-2996-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2996-1"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "USN-2968-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1316204",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316204"
            },
            {
              "name": "openSUSE-SU-2016:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-3138",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-03-13T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8104 (GCVE-0-2015-8104)

Vulnerability from cvelistv5

Published

2015-11-16 00:00

Modified

2025-04-23 15:40

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

Summary

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-2636.html	vendor-advisory
	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
	http://www.ubuntu.com/usn/USN-2841-2	vendor-advisory
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory
	https://kb.juniper.net/JSA10783
	https://bugzilla.redhat.com/show_bug.cgi?id=1278496
	http://www.debian.org/security/2016/dsa-3454	vendor-advisory
	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
	http://rhn.redhat.com/errata/RHSA-2015-2645.html	vendor-advisory
	http://www.ubuntu.com/usn/USN-2840-1	vendor-advisory
	http://www.securityfocus.com/bid/77524	vdb-entry
	https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html	vendor-advisory
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
	http://www.openwall.com/lists/oss-security/2015/11/10/5	mailing-list
	http://www.ubuntu.com/usn/USN-2843-1	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory
	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
	http://www.ubuntu.com/usn/USN-2844-1	vendor-advisory
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html	vendor-advisory
	http://www.ubuntu.com/usn/USN-2842-2	vendor-advisory
	http://xenbits.xen.org/xsa/advisory-156.html
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory
	http://www.ubuntu.com/usn/USN-2843-2	vendor-advisory
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
	http://www.ubuntu.com/usn/USN-2842-1	vendor-advisory
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html	vendor-advisory
	http://www.debian.org/security/2015/dsa-3414	vendor-advisory
	http://support.citrix.com/article/CTX202583
	http://www.securitytracker.com/id/1034105	vdb-entry
	http://www.securityfocus.com/bid/91787	vdb-entry
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory
	http://www.ubuntu.com/usn/USN-2841-1	vendor-advisory
	http://support.citrix.com/article/CTX203879
	http://www.debian.org/security/2015/dsa-3426	vendor-advisory
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d
	http://rhn.redhat.com/errata/RHSA-2016-0046.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory
	http://www.openwall.com/lists/oss-security/2023/10/10/4	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:2636",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "USN-2841-2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2841-2"
          },
          {
            "name": "FEDORA-2015-f150b2a8c8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496"
          },
          {
            "name": "DSA-3454",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3454"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "RHSA-2015:2645",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html"
          },
          {
            "name": "USN-2840-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2840-1"
          },
          {
            "name": "77524",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77524"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d"
          },
          {
            "name": "openSUSE-SU-2015:2250",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "[oss-security] 20151110 CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/11/10/5"
          },
          {
            "name": "USN-2843-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-1"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "name": "USN-2844-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2844-1"
          },
          {
            "name": "openSUSE-SU-2015:2232",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
          },
          {
            "name": "USN-2842-2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2842-2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-156.html"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "USN-2843-2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-2"
          },
          {
            "name": "FEDORA-2015-668d213dc3",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "USN-2842-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2842-1"
          },
          {
            "name": "FEDORA-2015-394835a3f6",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html"
          },
          {
            "name": "DSA-3414",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3414"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX202583"
          },
          {
            "name": "1034105",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034105"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2841-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2841-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX203879"
          },
          {
            "name": "DSA-3426",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3426"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d"
          },
          {
            "name": "RHSA-2016:0046",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "[oss-security] 20231010 Xen Security Advisory 444 v3 (CVE-2023-34327,CVE-2023-34328) - x86/AMD: Debug Mask handling",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/10/4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2015-8104",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:47:48.570746Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T15:40:54.273Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T14:06:16.207Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2015:2636",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "USN-2841-2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2841-2"
        },
        {
          "name": "FEDORA-2015-f150b2a8c8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496"
        },
        {
          "name": "DSA-3454",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3454"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "RHSA-2015:2645",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html"
        },
        {
          "name": "USN-2840-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2840-1"
        },
        {
          "name": "77524",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/77524"
        },
        {
          "url": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d"
        },
        {
          "name": "openSUSE-SU-2015:2250",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "[oss-security] 20151110 CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/11/10/5"
        },
        {
          "name": "USN-2843-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-1"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
        },
        {
          "name": "USN-2844-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2844-1"
        },
        {
          "name": "openSUSE-SU-2015:2232",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
        },
        {
          "name": "USN-2842-2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2842-2"
        },
        {
          "url": "http://xenbits.xen.org/xsa/advisory-156.html"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "USN-2843-2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-2"
        },
        {
          "name": "FEDORA-2015-668d213dc3",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "USN-2842-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2842-1"
        },
        {
          "name": "FEDORA-2015-394835a3f6",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html"
        },
        {
          "name": "DSA-3414",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3414"
        },
        {
          "url": "http://support.citrix.com/article/CTX202583"
        },
        {
          "name": "1034105",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1034105"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2841-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2841-1"
        },
        {
          "url": "http://support.citrix.com/article/CTX203879"
        },
        {
          "name": "DSA-3426",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3426"
        },
        {
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d"
        },
        {
          "name": "RHSA-2016:0046",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "[oss-security] 20231010 Xen Security Advisory 444 v3 (CVE-2023-34327,CVE-2023-34328) - x86/AMD: Debug Mask handling",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/10/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8104",
    "datePublished": "2015-11-16T00:00:00.000Z",
    "dateReserved": "2015-11-09T00:00:00.000Z",
    "dateUpdated": "2025-04-23T15:40:54.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2545 (GCVE-0-2016-2545)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.

References

►

URL

Tags

	https://github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=1311560	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1035296	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83381	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736"
          },
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311560"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "1035296",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035296"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "83381",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83381"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736"
        },
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311560"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "1035296",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035296"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "83381",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83381"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2545",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736"
            },
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311560",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311560"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "1035296",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035296"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "83381",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83381"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2545",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5307 (GCVE-0-2015-5307)

Vulnerability from cvelistv5

Published

2015-11-16 11:00

Modified

2024-08-06 06:41

Severity ?

CWE

Summary

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-2636.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://kb.juniper.net/JSA10783	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3454	vendor-advisory, x_refsource_DEBIAN
	http://www.openwall.com/lists/oss-security/2015/11/10/6	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2015-2645.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2802-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2806-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2805-1	vendor-advisory, x_refsource_UBUNTU
	http://xenbits.xen.org/xsa/advisory-156.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-2807-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2801-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2015/dsa-3414	vendor-advisory, x_refsource_DEBIAN
	http://support.citrix.com/article/CTX202583	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2800-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1034105	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2804-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1277172	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-0046.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2015/dsa-3396	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/77528	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2803-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:41:09.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:2636",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "FEDORA-2015-f150b2a8c8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "DSA-3454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3454"
          },
          {
            "name": "[oss-security] 20151110 Re: CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/11/10/6"
          },
          {
            "name": "RHSA-2015:2645",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html"
          },
          {
            "name": "USN-2802-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2802-1"
          },
          {
            "name": "openSUSE-SU-2015:2250",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "USN-2806-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2806-1"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed"
          },
          {
            "name": "openSUSE-SU-2015:2232",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
          },
          {
            "name": "USN-2805-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2805-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-156.html"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "FEDORA-2015-668d213dc3",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html"
          },
          {
            "name": "USN-2807-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2807-1"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "name": "USN-2801-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2801-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "FEDORA-2015-394835a3f6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html"
          },
          {
            "name": "DSA-3414",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3414"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX202583"
          },
          {
            "name": "USN-2800-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2800-1"
          },
          {
            "name": "1034105",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034105"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2804-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2804-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277172"
          },
          {
            "name": "RHSA-2016:0046",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html"
          },
          {
            "name": "DSA-3396",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3396"
          },
          {
            "name": "77528",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77528"
          },
          {
            "name": "USN-2803-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2803-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-23T01:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:2636",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "FEDORA-2015-f150b2a8c8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "name": "DSA-3454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3454"
        },
        {
          "name": "[oss-security] 20151110 Re: CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/11/10/6"
        },
        {
          "name": "RHSA-2015:2645",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html"
        },
        {
          "name": "USN-2802-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2802-1"
        },
        {
          "name": "openSUSE-SU-2015:2250",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "USN-2806-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2806-1"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed"
        },
        {
          "name": "openSUSE-SU-2015:2232",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
        },
        {
          "name": "USN-2805-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2805-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-156.html"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "FEDORA-2015-668d213dc3",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html"
        },
        {
          "name": "USN-2807-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2807-1"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "name": "USN-2801-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2801-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "FEDORA-2015-394835a3f6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html"
        },
        {
          "name": "DSA-3414",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3414"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX202583"
        },
        {
          "name": "USN-2800-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2800-1"
        },
        {
          "name": "1034105",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034105"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2804-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2804-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277172"
        },
        {
          "name": "RHSA-2016:0046",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html"
        },
        {
          "name": "DSA-3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3396"
        },
        {
          "name": "77528",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77528"
        },
        {
          "name": "USN-2803-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2803-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-5307",
    "datePublished": "2015-11-16T11:00:00",
    "dateReserved": "2015-07-01T00:00:00",
    "dateUpdated": "2024-08-06T06:41:09.291Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2782 (GCVE-0-2016-2782)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://www.exploit-db.com/exploits/39539/	exploit, x_refsource_EXPLOIT-DB
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/02/28/9	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1312670	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:21.033Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "39539",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39539/"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "[oss-security] 20160228 Re: CVE request -- linux kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/02/28/9"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2948-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "USN-2948-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "39539",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39539/"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "[oss-security] 20160228 Re: CVE request -- linux kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/02/28/9"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2948-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "USN-2948-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2782",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-28T00:00:00",
    "dateUpdated": "2024-08-05T23:32:21.033Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2546 (GCVE-0-2016-2546)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83384	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1311564	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/af368027a49a751d6ff4ee9e3f9961f35bb4fede	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1035301	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "83384",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83384"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311564"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/af368027a49a751d6ff4ee9e3f9961f35bb4fede"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "1035301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035301"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "83384",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83384"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311564"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/af368027a49a751d6ff4ee9e3f9961f35bb4fede"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "1035301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035301"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "83384",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83384"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311564",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311564"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/af368027a49a751d6ff4ee9e3f9961f35bb4fede",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/af368027a49a751d6ff4ee9e3f9961f35bb4fede"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "1035301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035301"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2546",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7550 (GCVE-0-2015-7550)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 07:51

Severity ?

CWE

Summary

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

References

►

URL

Tags

	http://www.securityfocus.com/bid/79903	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2911-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1291197	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637d	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2911-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	https://security-tracker.debian.org/tracker/CVE-2015-7550	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3434	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:28.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "79903",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79903"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"
          },
          {
            "name": "USN-2911-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2911-1"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291197"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637d"
          },
          {
            "name": "USN-2911-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2911-2"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2015-7550"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "name": "DSA-3434",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3434"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "79903",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79903"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4"
        },
        {
          "name": "USN-2911-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2911-1"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291197"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637d"
        },
        {
          "name": "USN-2911-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2911-2"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2015-7550"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "name": "DSA-3434",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3434"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7550",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:28.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7990 (GCVE-0-2015-7990)

Vulnerability from cvelistv5

Published

2015-12-28 11:00

Modified

2024-08-06 08:06

Severity ?

CWE

Summary

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1276437	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2887-2	vendor-advisory, x_refsource_UBUNTU
	https://lkml.org/lkml/2015/10/16/530	mailing-list, x_refsource_MLIST
	http://www.securitytracker.com/id/1034453	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2887-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.suse.com/show_bug.cgi?id=952384	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2889-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2889-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2015/10/27/5	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/77340	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2015/dsa-3396	vendor-advisory, x_refsource_DEBIAN
	https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.579Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:2292",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437"
          },
          {
            "name": "SUSE-SU-2016:0434",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
          },
          {
            "name": "USN-2887-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2887-2"
          },
          {
            "name": "[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2015/10/16/530"
          },
          {
            "name": "1034453",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034453"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2887-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2887-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=952384"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "name": "openSUSE-SU-2015:2232",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
          },
          {
            "name": "SUSE-SU-2016:0380",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a"
          },
          {
            "name": "USN-2889-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2889-1"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "SUSE-SU-2016:0335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "name": "USN-2889-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2889-2"
          },
          {
            "name": "[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/27/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
          },
          {
            "name": "SUSE-SU-2016:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "name": "77340",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77340"
          },
          {
            "name": "SUSE-SU-2016:0384",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
          },
          {
            "name": "DSA-3396",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3396"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "name": "SUSE-SU-2016:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
          },
          {
            "name": "SUSE-SU-2016:0381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:2292",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437"
        },
        {
          "name": "SUSE-SU-2016:0434",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
        },
        {
          "name": "USN-2887-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2887-2"
        },
        {
          "name": "[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2015/10/16/530"
        },
        {
          "name": "1034453",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034453"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2887-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2887-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=952384"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "name": "openSUSE-SU-2015:2232",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
        },
        {
          "name": "SUSE-SU-2016:0380",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a"
        },
        {
          "name": "USN-2889-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2889-1"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "SUSE-SU-2016:0335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "name": "USN-2889-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2889-2"
        },
        {
          "name": "[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/27/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
        },
        {
          "name": "SUSE-SU-2016:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "name": "77340",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77340"
        },
        {
          "name": "SUSE-SU-2016:0384",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
        },
        {
          "name": "DSA-3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3396"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "name": "SUSE-SU-2016:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
        },
        {
          "name": "SUSE-SU-2016:0381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7990",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2015:2292",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:0337",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
            },
            {
              "name": "SUSE-SU-2015:2350",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437"
            },
            {
              "name": "SUSE-SU-2016:0434",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
            },
            {
              "name": "USN-2887-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2887-2"
            },
            {
              "name": "[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket.",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2015/10/16/530"
            },
            {
              "name": "1034453",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034453"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2887-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2887-1"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=952384",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=952384"
            },
            {
              "name": "SUSE-SU-2015:2194",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
            },
            {
              "name": "USN-2890-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-3"
            },
            {
              "name": "openSUSE-SU-2015:2232",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
            },
            {
              "name": "SUSE-SU-2016:0380",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a"
            },
            {
              "name": "USN-2889-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2889-1"
            },
            {
              "name": "SUSE-SU-2016:0354",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
            },
            {
              "name": "SUSE-SU-2016:0335",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
            },
            {
              "name": "SUSE-SU-2015:2339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
            },
            {
              "name": "SUSE-SU-2015:2108",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
            },
            {
              "name": "USN-2889-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2889-2"
            },
            {
              "name": "[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/27/5"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
            },
            {
              "name": "SUSE-SU-2016:0383",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:0386",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2890-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-2"
            },
            {
              "name": "77340",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/77340"
            },
            {
              "name": "SUSE-SU-2016:0384",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
            },
            {
              "name": "DSA-3396",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3396"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a"
            },
            {
              "name": "USN-2890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-1"
            },
            {
              "name": "SUSE-SU-2016:0387",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
            },
            {
              "name": "SUSE-SU-2016:0381",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
            },
            {
              "name": "USN-2888-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2888-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7990",
    "datePublished": "2015-12-28T11:00:00",
    "dateReserved": "2015-10-28T00:00:00",
    "dateUpdated": "2024-08-06T08:06:31.579Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7799 (GCVE-0-2015-7799)

Vulnerability from cvelistv5

Published

2015-10-19 10:00

Modified

2024-08-06 07:59

Severity ?

CWE

Summary

The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2841-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/77033	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1033809	vdb-entry, x_refsource_SECTRACK
	https://code.google.com/p/android/issues/detail?id=187973	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2843-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2844-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2842-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2843-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2842-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2015/10/10/3	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1271134	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2841-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2015/dsa-3426	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2843-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:59:00.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:2292",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
          },
          {
            "name": "USN-2841-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2841-2"
          },
          {
            "name": "77033",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77033"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "name": "1033809",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033809"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/android/issues/detail?id=187973"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2843-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-1"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "name": "USN-2844-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2844-1"
          },
          {
            "name": "openSUSE-SU-2015:2232",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
          },
          {
            "name": "USN-2842-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2842-2"
          },
          {
            "name": "USN-2843-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-2"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "USN-2842-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2842-1"
          },
          {
            "name": "[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/10/3"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134"
          },
          {
            "name": "USN-2841-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2841-1"
          },
          {
            "name": "DSA-3426",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3426"
          },
          {
            "name": "USN-2843-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-3"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:2292",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
        },
        {
          "name": "USN-2841-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2841-2"
        },
        {
          "name": "77033",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77033"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "name": "1033809",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033809"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://code.google.com/p/android/issues/detail?id=187973"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2843-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-1"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "name": "USN-2844-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2844-1"
        },
        {
          "name": "openSUSE-SU-2015:2232",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
        },
        {
          "name": "USN-2842-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2842-2"
        },
        {
          "name": "USN-2843-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-2"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "USN-2842-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2842-1"
        },
        {
          "name": "[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/10/3"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134"
        },
        {
          "name": "USN-2841-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2841-1"
        },
        {
          "name": "DSA-3426",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3426"
        },
        {
          "name": "USN-2843-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-3"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7799",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2015:2292",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
            },
            {
              "name": "USN-2841-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2841-2"
            },
            {
              "name": "77033",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/77033"
            },
            {
              "name": "SUSE-SU-2015:2350",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
            },
            {
              "name": "1033809",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033809"
            },
            {
              "name": "https://code.google.com/p/android/issues/detail?id=187973",
              "refsource": "MISC",
              "url": "https://code.google.com/p/android/issues/detail?id=187973"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2843-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2843-1"
            },
            {
              "name": "SUSE-SU-2015:2194",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
            },
            {
              "name": "USN-2844-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2844-1"
            },
            {
              "name": "openSUSE-SU-2015:2232",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
            },
            {
              "name": "USN-2842-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2842-2"
            },
            {
              "name": "USN-2843-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2843-2"
            },
            {
              "name": "SUSE-SU-2015:2339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
            },
            {
              "name": "USN-2842-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2842-1"
            },
            {
              "name": "[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/10/3"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134"
            },
            {
              "name": "USN-2841-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2841-1"
            },
            {
              "name": "DSA-3426",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3426"
            },
            {
              "name": "USN-2843-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2843-3"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7799",
    "datePublished": "2015-10-19T10:00:00",
    "dateReserved": "2015-10-09T00:00:00",
    "dateUpdated": "2024-08-06T07:59:00.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7509 (GCVE-0-2015-7509)

Vulnerability from cvelistv5

Published

2015-12-28 11:00

Modified

2024-08-06 07:51

Severity ?

CWE

Summary

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://security-tracker.debian.org/tracker/CVE-2015-7509	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1259222	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1034559	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/c9b92530a723ac5ef8e352885a1862b18f31b2f5	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9b92530a723ac5ef8e352885a1862b18f31b2f5	x_refsource_CONFIRM
	https://bugzilla.suse.com/show_bug.cgi?id=956709	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:28.316Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:0855",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2015-7509"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259222"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "1034559",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034559"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/c9b92530a723ac5ef8e352885a1862b18f31b2f5"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9b92530a723ac5ef8e352885a1862b18f31b2f5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=956709"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2016:0855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2015-7509"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259222"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "1034559",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034559"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/c9b92530a723ac5ef8e352885a1862b18f31b2f5"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9b92530a723ac5ef8e352885a1862b18f31b2f5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=956709"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7509",
    "datePublished": "2015-12-28T11:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:28.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8812 (GCVE-0-2015-8812)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2949-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83218	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2947-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2947-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1303532	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2947-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/02/11/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2946-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2946-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.037Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "name": "SUSE-SU-2016:1038",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
          },
          {
            "name": "USN-2949-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2949-1"
          },
          {
            "name": "83218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83218"
          },
          {
            "name": "SUSE-SU-2016:1033",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "SUSE-SU-2016:1034",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
          },
          {
            "name": "USN-2947-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-3"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "SUSE-SU-2016:1035",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-2947-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
          },
          {
            "name": "SUSE-SU-2016:1031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
          },
          {
            "name": "USN-2947-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2947-1"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "[oss-security] 20160211 Linux kernel: Flaw in CXGB3 driver.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/02/11/1"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:1037",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
          },
          {
            "name": "SUSE-SU-2016:1045",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
          },
          {
            "name": "USN-2946-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2946-2"
          },
          {
            "name": "SUSE-SU-2016:1032",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
          },
          {
            "name": "SUSE-SU-2016:1039",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "SUSE-SU-2016:1041",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
          },
          {
            "name": "SUSE-SU-2016:1046",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
          },
          {
            "name": "USN-2948-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-1"
          },
          {
            "name": "USN-2946-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2946-1"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "USN-2948-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-2"
          },
          {
            "name": "SUSE-SU-2016:1040",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "name": "SUSE-SU-2016:1038",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
        },
        {
          "name": "USN-2949-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2949-1"
        },
        {
          "name": "83218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83218"
        },
        {
          "name": "SUSE-SU-2016:1033",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "SUSE-SU-2016:1034",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
        },
        {
          "name": "USN-2947-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-3"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "SUSE-SU-2016:1035",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-2947-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
        },
        {
          "name": "SUSE-SU-2016:1031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
        },
        {
          "name": "USN-2947-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2947-1"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "[oss-security] 20160211 Linux kernel: Flaw in CXGB3 driver.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/02/11/1"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:1037",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
        },
        {
          "name": "SUSE-SU-2016:1045",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
        },
        {
          "name": "USN-2946-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2946-2"
        },
        {
          "name": "SUSE-SU-2016:1032",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
        },
        {
          "name": "SUSE-SU-2016:1039",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "SUSE-SU-2016:1041",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
        },
        {
          "name": "SUSE-SU-2016:1046",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
        },
        {
          "name": "USN-2948-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-1"
        },
        {
          "name": "USN-2946-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2946-1"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "USN-2948-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-2"
        },
        {
          "name": "SUSE-SU-2016:1040",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "SUSE-SU-2016:1038",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
            },
            {
              "name": "USN-2949-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2949-1"
            },
            {
              "name": "83218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83218"
            },
            {
              "name": "SUSE-SU-2016:1033",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "SUSE-SU-2016:1034",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
            },
            {
              "name": "USN-2947-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2947-3"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
            },
            {
              "name": "RHSA-2016:2584",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
            },
            {
              "name": "SUSE-SU-2016:1035",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "USN-2947-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2947-2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
            },
            {
              "name": "SUSE-SU-2016:1031",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
            },
            {
              "name": "USN-2947-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2947-1"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "[oss-security] 20160211 Linux kernel: Flaw in CXGB3 driver.",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/02/11/1"
            },
            {
              "name": "SUSE-SU-2016:1019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:1037",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
            },
            {
              "name": "SUSE-SU-2016:1045",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
            },
            {
              "name": "USN-2946-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2946-2"
            },
            {
              "name": "SUSE-SU-2016:1032",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
            },
            {
              "name": "SUSE-SU-2016:1039",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "SUSE-SU-2016:1041",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
            },
            {
              "name": "SUSE-SU-2016:1046",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3"
            },
            {
              "name": "USN-2948-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2948-1"
            },
            {
              "name": "USN-2946-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2946-1"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            },
            {
              "name": "USN-2948-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2948-2"
            },
            {
              "name": "SUSE-SU-2016:1040",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8812",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-11T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.037Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2188 (GCVE-0-2016-2188)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:24

Severity ?

CWE

Summary

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/39556/	exploit, x_refsource_EXPLOIT-DB
	http://seclists.org/bugtraq/2016/Mar/87	mailing-list, x_refsource_BUGTRAQ
	https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1317018	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2016/Mar/118	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "39556",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39556/"
          },
          {
            "name": "20160310 oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/87"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317018"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0"
          },
          {
            "name": "20160315 Re: oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/118"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "39556",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39556/"
        },
        {
          "name": "20160310 oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/87"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317018"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0"
        },
        {
          "name": "20160315 Re: oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/118"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2188",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-6252 (GCVE-0-2015-6252)

Vulnerability from cvelistv5

Published

2015-10-19 10:00

Modified

2024-08-06 07:15

Severity ?

CWE

Summary

The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2748-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/76400	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2751-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2015/08/18/3	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5	x_refsource_CONFIRM
	http://www.debian.org/security/2015/dsa-3364	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2752-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2749-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1251839	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2760-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2759-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1033666	vdb-entry, x_refsource_SECTRACK
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2777-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:15:13.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2748-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2748-1"
          },
          {
            "name": "76400",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76400"
          },
          {
            "name": "USN-2751-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2751-1"
          },
          {
            "name": "[oss-security] 20150818 Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/08/18/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5"
          },
          {
            "name": "DSA-3364",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3364"
          },
          {
            "name": "SUSE-SU-2015:1727",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
          },
          {
            "name": "USN-2752-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2752-1"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "name": "USN-2749-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2749-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1251839"
          },
          {
            "name": "USN-2760-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2760-1"
          },
          {
            "name": "USN-2759-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2759-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "1033666",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033666"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
          },
          {
            "name": "USN-2777-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2777-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2748-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2748-1"
        },
        {
          "name": "76400",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76400"
        },
        {
          "name": "USN-2751-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2751-1"
        },
        {
          "name": "[oss-security] 20150818 Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/08/18/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5"
        },
        {
          "name": "DSA-3364",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3364"
        },
        {
          "name": "SUSE-SU-2015:1727",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
        },
        {
          "name": "USN-2752-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2752-1"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "name": "USN-2749-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2749-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1251839"
        },
        {
          "name": "USN-2760-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2760-1"
        },
        {
          "name": "USN-2759-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2759-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "1033666",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033666"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
        },
        {
          "name": "USN-2777-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2777-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-6252",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2748-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2748-1"
            },
            {
              "name": "76400",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/76400"
            },
            {
              "name": "USN-2751-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2751-1"
            },
            {
              "name": "[oss-security] 20150818 Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/08/18/3"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5"
            },
            {
              "name": "DSA-3364",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3364"
            },
            {
              "name": "SUSE-SU-2015:1727",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
            },
            {
              "name": "USN-2752-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2752-1"
            },
            {
              "name": "SUSE-SU-2016:0354",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:2108",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
            },
            {
              "name": "USN-2749-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2749-1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1251839",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1251839"
            },
            {
              "name": "USN-2760-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2760-1"
            },
            {
              "name": "USN-2759-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2759-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "1033666",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033666"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5"
            },
            {
              "name": "USN-2777-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2777-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-6252",
    "datePublished": "2015-10-19T10:00:00",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:15:13.291Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8215 (GCVE-0-2015-8215)

Vulnerability from cvelistv5

Published

2015-11-16 21:00

Modified

2024-08-06 08:13

Severity ?

CWE

Summary

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2015/dsa-3364	vendor-advisory, x_refsource_DEBIAN
	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	https://bugs.launchpad.net/bugs/1500810	x_refsource_CONFIRM
	https://bugzilla.novell.com/show_bug.cgi?id=944296	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/85274	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1192132	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.866Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:2292",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
          },
          {
            "name": "RHSA-2016:0855",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "name": "DSA-3364",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3364"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/bugs/1500810"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=944296"
          },
          {
            "name": "85274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/85274"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272.  NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:2292",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
        },
        {
          "name": "RHSA-2016:0855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "name": "DSA-3364",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3364"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/bugs/1500810"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=944296"
        },
        {
          "name": "85274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/85274"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2015-8215",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272.  NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2015:2292",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
            },
            {
              "name": "RHSA-2016:0855",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0855.html"
            },
            {
              "name": "SUSE-SU-2015:2350",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
            },
            {
              "name": "DSA-3364",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3364"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "SUSE-SU-2015:2194",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
            },
            {
              "name": "SUSE-SU-2016:0354",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:2339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
            },
            {
              "name": "https://bugs.launchpad.net/bugs/1500810",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/bugs/1500810"
            },
            {
              "name": "https://bugzilla.novell.com/show_bug.cgi?id=944296",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=944296"
            },
            {
              "name": "85274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/85274"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192132"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2015-8215",
    "datePublished": "2015-11-16T21:00:00",
    "dateReserved": "2015-11-16T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-4486 (GCVE-0-2016-4486)

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

CWE

Summary

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3006-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3004-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3001-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1333316	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/5f8e44741f9f216e33736ea4ec65ca9ac03036e6	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/90051	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3005-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/46006/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3002-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2989-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3007-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3003-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2998-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/05/04/27	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:25.246Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "USN-3006-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3006-1"
          },
          {
            "name": "USN-3004-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3004-1"
          },
          {
            "name": "USN-3001-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3001-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333316"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
          },
          {
            "name": "90051",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/90051"
          },
          {
            "name": "USN-3005-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3005-1"
          },
          {
            "name": "SUSE-SU-2016:1985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
          },
          {
            "name": "openSUSE-SU-2016:2184",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
          },
          {
            "name": "46006",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46006/"
          },
          {
            "name": "openSUSE-SU-2016:1641",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "USN-3000-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3000-1"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-3002-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3002-1"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2989-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2989-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
          },
          {
            "name": "USN-3007-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3007-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"
          },
          {
            "name": "USN-3003-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3003-1"
          },
          {
            "name": "SUSE-SU-2016:2105",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
          },
          {
            "name": "USN-2998-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2998-1"
          },
          {
            "name": "[oss-security] 20160504 CVE Request: kernel information leak vulnerability in rtnetlink",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/04/27"
          },
          {
            "name": "SUSE-SU-2016:1937",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-20T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "USN-3006-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3006-1"
        },
        {
          "name": "USN-3004-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3004-1"
        },
        {
          "name": "USN-3001-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3001-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333316"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
        },
        {
          "name": "90051",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/90051"
        },
        {
          "name": "USN-3005-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3005-1"
        },
        {
          "name": "SUSE-SU-2016:1985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
        },
        {
          "name": "openSUSE-SU-2016:2184",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
        },
        {
          "name": "46006",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46006/"
        },
        {
          "name": "openSUSE-SU-2016:1641",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "USN-3000-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3000-1"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-3002-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3002-1"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2989-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2989-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
        },
        {
          "name": "USN-3007-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3007-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"
        },
        {
          "name": "USN-3003-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3003-1"
        },
        {
          "name": "SUSE-SU-2016:2105",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
        },
        {
          "name": "USN-2998-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2998-1"
        },
        {
          "name": "[oss-security] 20160504 CVE Request: kernel information leak vulnerability in rtnetlink",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/04/27"
        },
        {
          "name": "SUSE-SU-2016:1937",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4486",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "USN-3006-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3006-1"
            },
            {
              "name": "USN-3004-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3004-1"
            },
            {
              "name": "USN-3001-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3001-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1333316",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333316"
            },
            {
              "name": "SUSE-SU-2016:1696",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/5f8e44741f9f216e33736ea4ec65ca9ac03036e6",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
            },
            {
              "name": "90051",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/90051"
            },
            {
              "name": "USN-3005-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3005-1"
            },
            {
              "name": "SUSE-SU-2016:1985",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
            },
            {
              "name": "openSUSE-SU-2016:2184",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
            },
            {
              "name": "46006",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46006/"
            },
            {
              "name": "openSUSE-SU-2016:1641",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
            },
            {
              "name": "USN-2997-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2997-1"
            },
            {
              "name": "USN-3000-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3000-1"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "USN-3002-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3002-1"
            },
            {
              "name": "USN-2996-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2996-1"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "USN-2989-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2989-1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6"
            },
            {
              "name": "USN-3007-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3007-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"
            },
            {
              "name": "USN-3003-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3003-1"
            },
            {
              "name": "SUSE-SU-2016:2105",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
            },
            {
              "name": "USN-2998-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2998-1"
            },
            {
              "name": "[oss-security] 20160504 CVE Request: kernel information leak vulnerability in rtnetlink",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/05/04/27"
            },
            {
              "name": "SUSE-SU-2016:1937",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-4486",
    "datePublished": "2016-05-23T10:00:00",
    "dateReserved": "2016-05-04T00:00:00",
    "dateUpdated": "2024-08-06T00:32:25.246Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-6937 (GCVE-0-2015-6937)

Vulnerability from cvelistv5

Published

2015-10-19 10:00

Modified

2024-08-06 07:36

Severity ?

CWE

Summary

The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2015/dsa-3364	vendor-advisory, x_refsource_DEBIAN
	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1263139	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034453	vdb-entry, x_refsource_SECTRACK
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2015/09/14/3	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2774-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/bid/76767	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2773-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html	vendor-advisory, x_refsource_FEDORA
	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2777-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:36:35.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "name": "SUSE-SU-2016:0434",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
          },
          {
            "name": "DSA-3364",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3364"
          },
          {
            "name": "FEDORA-2015-16440",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html"
          },
          {
            "name": "SUSE-SU-2015:1727",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139"
          },
          {
            "name": "1034453",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034453"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f"
          },
          {
            "name": "openSUSE-SU-2015:2232",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
          },
          {
            "name": "SUSE-SU-2016:0380",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "SUSE-SU-2016:0335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/09/14/3"
          },
          {
            "name": "USN-2774-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2774-1"
          },
          {
            "name": "SUSE-SU-2016:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f"
          },
          {
            "name": "FEDORA-2015-16417",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html"
          },
          {
            "name": "76767",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76767"
          },
          {
            "name": "USN-2773-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2773-1"
          },
          {
            "name": "SUSE-SU-2016:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
          },
          {
            "name": "FEDORA-2015-16441",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "SUSE-SU-2016:0384",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
          },
          {
            "name": "SUSE-SU-2016:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
          },
          {
            "name": "USN-2777-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2777-1"
          },
          {
            "name": "SUSE-SU-2016:0381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "name": "SUSE-SU-2016:0434",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
        },
        {
          "name": "DSA-3364",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3364"
        },
        {
          "name": "FEDORA-2015-16440",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html"
        },
        {
          "name": "SUSE-SU-2015:1727",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139"
        },
        {
          "name": "1034453",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034453"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f"
        },
        {
          "name": "openSUSE-SU-2015:2232",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
        },
        {
          "name": "SUSE-SU-2016:0380",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "SUSE-SU-2016:0335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/09/14/3"
        },
        {
          "name": "USN-2774-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2774-1"
        },
        {
          "name": "SUSE-SU-2016:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f"
        },
        {
          "name": "FEDORA-2015-16417",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html"
        },
        {
          "name": "76767",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76767"
        },
        {
          "name": "USN-2773-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2773-1"
        },
        {
          "name": "SUSE-SU-2016:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
        },
        {
          "name": "FEDORA-2015-16441",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "SUSE-SU-2016:0384",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
        },
        {
          "name": "SUSE-SU-2016:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
        },
        {
          "name": "USN-2777-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2777-1"
        },
        {
          "name": "SUSE-SU-2016:0381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-6937",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0337",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
            },
            {
              "name": "SUSE-SU-2015:2350",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
            },
            {
              "name": "SUSE-SU-2016:0434",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
            },
            {
              "name": "DSA-3364",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3364"
            },
            {
              "name": "FEDORA-2015-16440",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html"
            },
            {
              "name": "SUSE-SU-2015:1727",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139"
            },
            {
              "name": "1034453",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034453"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f"
            },
            {
              "name": "openSUSE-SU-2015:2232",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
            },
            {
              "name": "SUSE-SU-2016:0380",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
            },
            {
              "name": "SUSE-SU-2016:0354",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
            },
            {
              "name": "SUSE-SU-2016:0335",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
            },
            {
              "name": "SUSE-SU-2015:2339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
            },
            {
              "name": "SUSE-SU-2015:2108",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/09/14/3"
            },
            {
              "name": "USN-2774-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2774-1"
            },
            {
              "name": "SUSE-SU-2016:0383",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f"
            },
            {
              "name": "FEDORA-2015-16417",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html"
            },
            {
              "name": "76767",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/76767"
            },
            {
              "name": "USN-2773-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2773-1"
            },
            {
              "name": "SUSE-SU-2016:0386",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
            },
            {
              "name": "FEDORA-2015-16441",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "SUSE-SU-2016:0384",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
            },
            {
              "name": "SUSE-SU-2016:0387",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
            },
            {
              "name": "USN-2777-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2777-1"
            },
            {
              "name": "SUSE-SU-2016:0381",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-6937",
    "datePublished": "2015-10-19T10:00:00",
    "dateReserved": "2015-09-14T00:00:00",
    "dateUpdated": "2024-08-06T07:36:35.252Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3140 (GCVE-0-2016-3140)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/39537/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1316995	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/84304	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2016/03/14/6	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.302Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "39537",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39537/"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316995"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-3000-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3000-1"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          },
          {
            "name": "84304",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84304"
          },
          {
            "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (digi_acceleport driver)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/03/14/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:57",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "39537",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39537/"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316995"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-3000-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3000-1"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        },
        {
          "name": "84304",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84304"
        },
        {
          "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (digi_acceleport driver)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/03/14/6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "ID": "CVE-2016-3140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2971-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-2"
            },
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "39537",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39537/"
            },
            {
              "name": "SUSE-SU-2016:1696",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
            },
            {
              "name": "USN-2970-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2970-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1316995",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316995"
            },
            {
              "name": "USN-2968-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-1"
            },
            {
              "name": "USN-2971-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-3"
            },
            {
              "name": "USN-2997-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2997-1"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "USN-3000-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3000-1"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "USN-2971-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "USN-2996-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2996-1"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "USN-2968-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-2"
            },
            {
              "name": "openSUSE-SU-2016:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
            },
            {
              "name": "84304",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/84304"
            },
            {
              "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (digi_acceleport driver)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/03/14/6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-3140",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-03-13T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7566 (GCVE-0-2015-7566)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 07:51

Severity ?

CWE

Summary

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	https://security-tracker.debian.org/tracker/CVE-2015-7566	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/82975	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html	vendor-advisory, x_refsource_FEDORA
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1283371	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1296466	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/537733/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3448	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	https://www.exploit-db.com/exploits/39540/	exploit, x_refsource_EXPLOIT-DB
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:28.638Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2015-7566"
          },
          {
            "name": "82975",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/82975"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "name": "FEDORA-2016-26e19f042a",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "FEDORA-2016-b59fd603be",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466"
          },
          {
            "name": "20160309 OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/537733/100/0/threaded"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "FEDORA-2016-5d43766e33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2948-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-1"
          },
          {
            "name": "DSA-3448",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3448"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "39540",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39540/"
          },
          {
            "name": "USN-2948-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2015-7566"
        },
        {
          "name": "82975",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/82975"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "name": "FEDORA-2016-26e19f042a",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "FEDORA-2016-b59fd603be",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466"
        },
        {
          "name": "20160309 OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/537733/100/0/threaded"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "FEDORA-2016-5d43766e33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2948-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-1"
        },
        {
          "name": "DSA-3448",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3448"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "39540",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39540/"
        },
        {
          "name": "USN-2948-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7566",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:28.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-3339 (GCVE-0-2015-3339)

Vulnerability from cvelistv5

Published

2015-05-27 10:00

Modified

2024-08-06 05:47

Severity ?

CWE

Summary

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1032412	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html	vendor-advisory, x_refsource_FEDORA
	https://bugzilla.redhat.com/show_bug.cgi?id=1214030	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
	http://www.debian.org/security/2015/dsa-3237	vendor-advisory, x_refsource_DEBIAN
	http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html	vendor-advisory, x_refsource_FEDORA
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2015/04/20/5	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6	x_refsource_CONFIRM
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1272.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/8b01fc86b9f425899f8a3a8fc1c47d73c2c20543	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:1491",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
          },
          {
            "name": "1032412",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032412"
          },
          {
            "name": "SUSE-SU-2015:1489",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
          },
          {
            "name": "SUSE-SU-2015:1488",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
          },
          {
            "name": "FEDORA-2015-8518",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214030"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "DSA-3237",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3237"
          },
          {
            "name": "FEDORA-2015-7736",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "openSUSE-SU-2015:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
          },
          {
            "name": "[oss-security] 20150420 Re: Linux: chown() was racy relative to execve() - Linux kernel",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/04/20/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "RHSA-2015:1272",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
          },
          {
            "name": "SUSE-SU-2015:1487",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:1491",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
        },
        {
          "name": "1032412",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032412"
        },
        {
          "name": "SUSE-SU-2015:1489",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
        },
        {
          "name": "SUSE-SU-2015:1488",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
        },
        {
          "name": "FEDORA-2015-8518",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214030"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "DSA-3237",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3237"
        },
        {
          "name": "FEDORA-2015-7736",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "openSUSE-SU-2015:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
        },
        {
          "name": "[oss-security] 20150420 Re: Linux: chown() was racy relative to execve() - Linux kernel",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/04/20/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "RHSA-2015:1272",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
        },
        {
          "name": "SUSE-SU-2015:1487",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3339",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2015:1491",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
            },
            {
              "name": "1032412",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032412"
            },
            {
              "name": "SUSE-SU-2015:1489",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
            },
            {
              "name": "SUSE-SU-2015:1488",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
            },
            {
              "name": "FEDORA-2015-8518",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1214030",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214030"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "DSA-3237",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3237"
            },
            {
              "name": "FEDORA-2015-7736",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "openSUSE-SU-2015:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
            },
            {
              "name": "[oss-security] 20150420 Re: Linux: chown() was racy relative to execve() - Linux kernel",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/04/20/5"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "RHSA-2015:1272",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
            },
            {
              "name": "SUSE-SU-2015:1487",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/8b01fc86b9f425899f8a3a8fc1c47d73c2c20543",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/8b01fc86b9f425899f8a3a8fc1c47d73c2c20543"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3339",
    "datePublished": "2015-05-27T10:00:00",
    "dateReserved": "2015-04-20T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2547 (GCVE-0-2016-2547)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1311566	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/83378	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1035298	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:21.009Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311566"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "83378",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83378"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "1035298",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035298"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311566"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "83378",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83378"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "1035298",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035298"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2547",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311566",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311566"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "83378",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83378"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "1035298",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035298"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2547",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:21.009Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3156 (GCVE-0-2016-3156)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1318172	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/84428	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/03/15/3	mailing-list, x_refsource_MLIST
	https://github.com/torvalds/linux/commit/fbd40ea0180a2d328c5adc61414dc8bab9335ce2	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "84428",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84428"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "[oss-security] 20160315 CVE request: ipv4: Don\u0027t do expensive useless work during inetdev destroy",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/03/15/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "84428",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84428"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "[oss-security] 20160315 CVE request: ipv4: Don\u0027t do expensive useless work during inetdev destroy",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/03/15/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-3156",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2971-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-2"
            },
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172"
            },
            {
              "name": "USN-2970-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2970-1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "USN-2969-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2969-1"
            },
            {
              "name": "USN-2968-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-1"
            },
            {
              "name": "RHSA-2016:2584",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            },
            {
              "name": "USN-2971-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-3"
            },
            {
              "name": "USN-2997-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2997-1"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "USN-2971-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-1"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "USN-2996-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2996-1"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "SUSE-SU-2016:1019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
            },
            {
              "name": "USN-2968-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-2"
            },
            {
              "name": "openSUSE-SU-2016:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "84428",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/84428"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
            },
            {
              "name": "[oss-security] 20160315 CVE request: ipv4: Don\u0027t do expensive useless work during inetdev destroy",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/03/15/3"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/fbd40ea0180a2d328c5adc61414dc8bab9335ce2",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/fbd40ea0180a2d328c5adc61414dc8bab9335ce2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-3156",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-03-15T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2185 (GCVE-0-2016-2185)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:24

Severity ?

CWE

Summary

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/84341	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=1283363	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1317014	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1283362	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2016/Mar/90	mailing-list, x_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2016/Mar/116	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.335Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "84341",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84341"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283363"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317014"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283362"
          },
          {
            "name": "20160310 oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/90"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          },
          {
            "name": "20160315 Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/116"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-29T16:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "84341",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84341"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283363"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317014"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283362"
        },
        {
          "name": "20160310 oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/90"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        },
        {
          "name": "20160315 Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/116"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2185",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7872 (GCVE-0-2015-7872)

Vulnerability from cvelistv5

Published

2015-11-16 11:00

Modified

2024-08-06 08:06

Severity ?

CWE

Summary

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-2636.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-0212.html	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1272172	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2826-1	vendor-advisory, x_refsource_UBUNTU
	https://source.android.com/security/bulletin/2016-12-01.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1272371	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2840-1	vendor-advisory, x_refsource_UBUNTU
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=145975164525836&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2843-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2015/10/20/6	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2829-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2843-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-0185.html	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2840-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2829-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2823-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-0224.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1034472	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2843-3	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c	x_refsource_CONFIRM
	http://www.debian.org/security/2015/dsa-3396	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2824-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/77544	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:30.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2015:2292",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
          },
          {
            "name": "RHSA-2015:2636",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
          },
          {
            "name": "RHSA-2016:0212",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0212.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
          },
          {
            "name": "SUSE-SU-2016:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
          },
          {
            "name": "SUSE-SU-2015:2350",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272172"
          },
          {
            "name": "SUSE-SU-2016:0434",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
          },
          {
            "name": "USN-2826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2826-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2016-12-01.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272371"
          },
          {
            "name": "USN-2840-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2840-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676"
          },
          {
            "name": "HPSBGN03565",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=145975164525836\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "USN-2843-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-1"
          },
          {
            "name": "SUSE-SU-2015:2194",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
          },
          {
            "name": "[oss-security] 20151020 Re: CVE request: crash when attempt to garbage collect an uninstantiated keyring - Linux kernel",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/20/6"
          },
          {
            "name": "SUSE-SU-2016:0380",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
          },
          {
            "name": "USN-2829-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2829-2"
          },
          {
            "name": "SUSE-SU-2016:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
          },
          {
            "name": "USN-2843-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-2"
          },
          {
            "name": "SUSE-SU-2016:0335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
          },
          {
            "name": "SUSE-SU-2015:2339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
          },
          {
            "name": "SUSE-SU-2015:2108",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "RHSA-2016:0185",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0185.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
          },
          {
            "name": "USN-2840-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2840-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
          },
          {
            "name": "SUSE-SU-2016:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
          },
          {
            "name": "USN-2829-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2829-1"
          },
          {
            "name": "USN-2823-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2823-1"
          },
          {
            "name": "SUSE-SU-2016:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
          },
          {
            "name": "RHSA-2016:0224",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0224.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "1034472",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034472"
          },
          {
            "name": "SUSE-SU-2016:0384",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
          },
          {
            "name": "USN-2843-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2843-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
          },
          {
            "name": "DSA-3396",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3396"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "SUSE-SU-2016:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
          },
          {
            "name": "USN-2824-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2824-1"
          },
          {
            "name": "77544",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77544"
          },
          {
            "name": "SUSE-SU-2016:0381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-18T22:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2015:2292",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
        },
        {
          "name": "RHSA-2015:2636",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
        },
        {
          "name": "RHSA-2016:0212",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0212.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
        },
        {
          "name": "SUSE-SU-2016:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
        },
        {
          "name": "SUSE-SU-2015:2350",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272172"
        },
        {
          "name": "SUSE-SU-2016:0434",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
        },
        {
          "name": "USN-2826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2826-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2016-12-01.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272371"
        },
        {
          "name": "USN-2840-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2840-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676"
        },
        {
          "name": "HPSBGN03565",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=145975164525836\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "USN-2843-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-1"
        },
        {
          "name": "SUSE-SU-2015:2194",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
        },
        {
          "name": "[oss-security] 20151020 Re: CVE request: crash when attempt to garbage collect an uninstantiated keyring - Linux kernel",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/20/6"
        },
        {
          "name": "SUSE-SU-2016:0380",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
        },
        {
          "name": "USN-2829-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2829-2"
        },
        {
          "name": "SUSE-SU-2016:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
        },
        {
          "name": "USN-2843-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-2"
        },
        {
          "name": "SUSE-SU-2016:0335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
        },
        {
          "name": "SUSE-SU-2015:2339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
        },
        {
          "name": "SUSE-SU-2015:2108",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "RHSA-2016:0185",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0185.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
        },
        {
          "name": "USN-2840-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2840-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
        },
        {
          "name": "SUSE-SU-2016:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
        },
        {
          "name": "USN-2829-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2829-1"
        },
        {
          "name": "USN-2823-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2823-1"
        },
        {
          "name": "SUSE-SU-2016:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
        },
        {
          "name": "RHSA-2016:0224",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0224.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "1034472",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034472"
        },
        {
          "name": "SUSE-SU-2016:0384",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
        },
        {
          "name": "USN-2843-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2843-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
        },
        {
          "name": "DSA-3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3396"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "SUSE-SU-2016:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
        },
        {
          "name": "USN-2824-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2824-1"
        },
        {
          "name": "77544",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77544"
        },
        {
          "name": "SUSE-SU-2016:0381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7872",
    "datePublished": "2015-11-16T11:00:00",
    "dateReserved": "2015-10-20T00:00:00",
    "dateUpdated": "2024-08-06T08:06:30.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2549 (GCVE-0-2016-2549)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/83382	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/2ba1fe7a06d3624f9a7586d672b55f08f7c670f3	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=1311570	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.958Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "83382",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83382"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311570"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "83382",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83382"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311570"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2549",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "83382",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83382"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/2ba1fe7a06d3624f9a7586d672b55f08f7c670f3",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311570",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311570"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2549",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2543 (GCVE-0-2016-2543)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1311554	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/83377	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1035304	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.926Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311554"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "83377",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83377"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "1035304",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035304"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311554"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "83377",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83377"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "1035304",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035304"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311554",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311554"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "83377",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83377"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "1035304",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035304"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2543",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2186 (GCVE-0-2016-2186)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:24

Severity ?

CWE

Summary

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c6ba456711687b794dcf285856fc14e2c76074f	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/84337	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1317015	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://seclists.org/bugtraq/2016/Mar/117	mailing-list, x_refsource_BUGTRAQ
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://seclists.org/bugtraq/2016/Mar/85	mailing-list, x_refsource_BUGTRAQ
	https://github.com/torvalds/linux/commit/9c6ba456711687b794dcf285856fc14e2c76074f	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c6ba456711687b794dcf285856fc14e2c76074f"
          },
          {
            "name": "84337",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84337"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317015"
          },
          {
            "name": "USN-2969-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2969-1"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "20160315 Re: oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/117"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "20160310 oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Mar/85"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/9c6ba456711687b794dcf285856fc14e2c76074f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-29T16:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c6ba456711687b794dcf285856fc14e2c76074f"
        },
        {
          "name": "84337",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84337"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317015"
        },
        {
          "name": "USN-2969-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2969-1"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "20160315 Re: oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/117"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "20160310 oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Mar/85"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/9c6ba456711687b794dcf285856fc14e2c76074f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2186",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8816 (GCVE-0-2015-8816)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/83363	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1311589	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://source.android.com/security/bulletin/2016-07-01.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/02/23/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "SUSE-SU-2016:2010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
          },
          {
            "name": "SUSE-SU-2016:1994",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "SUSE-SU-2016:1961",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
          },
          {
            "name": "SUSE-SU-2016:2001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5"
          },
          {
            "name": "SUSE-SU-2016:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:2014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
          },
          {
            "name": "83363",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83363"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311589"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.android.com/security/bulletin/2016-07-01.html"
          },
          {
            "name": "SUSE-SU-2016:2009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
          },
          {
            "name": "[oss-security] 20160223 CVE Request: Linux kernel USB hub invalid memory access in hub_activate()",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/02/23/5"
          },
          {
            "name": "SUSE-SU-2016:2005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "SUSE-SU-2016:1995",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
          },
          {
            "name": "SUSE-SU-2016:2002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "SUSE-SU-2016:2010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
        },
        {
          "name": "SUSE-SU-2016:1994",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "SUSE-SU-2016:1961",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
        },
        {
          "name": "SUSE-SU-2016:2001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5"
        },
        {
          "name": "SUSE-SU-2016:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:2014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
        },
        {
          "name": "83363",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83363"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311589"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.android.com/security/bulletin/2016-07-01.html"
        },
        {
          "name": "SUSE-SU-2016:2009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
        },
        {
          "name": "[oss-security] 20160223 CVE Request: Linux kernel USB hub invalid memory access in hub_activate()",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/02/23/5"
        },
        {
          "name": "SUSE-SU-2016:2005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "SUSE-SU-2016:1995",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
        },
        {
          "name": "SUSE-SU-2016:2002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8816",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "SUSE-SU-2016:2010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
            },
            {
              "name": "SUSE-SU-2016:1994",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "SUSE-SU-2016:1961",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
            },
            {
              "name": "SUSE-SU-2016:2001",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5"
            },
            {
              "name": "SUSE-SU-2016:2006",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:2014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
            },
            {
              "name": "83363",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83363"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311589",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311589"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "SUSE-SU-2016:1019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
            },
            {
              "name": "http://source.android.com/security/bulletin/2016-07-01.html",
              "refsource": "CONFIRM",
              "url": "http://source.android.com/security/bulletin/2016-07-01.html"
            },
            {
              "name": "SUSE-SU-2016:2009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
            },
            {
              "name": "[oss-security] 20160223 CVE Request: Linux kernel USB hub invalid memory access in hub_activate()",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/02/23/5"
            },
            {
              "name": "SUSE-SU-2016:2005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:2007",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
            },
            {
              "name": "SUSE-SU-2016:1995",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
            },
            {
              "name": "SUSE-SU-2016:2002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8816",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2544 (GCVE-0-2016-2544)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:32

Severity ?

CWE

Summary

Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/01/19/1	mailing-list, x_refsource_MLIST
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1311558	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/83380	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1035305	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/3567eb6af614dac436c4b16a8d426f9faed639b3	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:32:20.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311558"
          },
          {
            "name": "83380",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83380"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "1035305",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035305"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/3567eb6af614dac436c4b16a8d426f9faed639b3"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-06T09:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311558"
        },
        {
          "name": "83380",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83380"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "1035305",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035305"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/3567eb6af614dac436c4b16a8d426f9faed639b3"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "[oss-security] 20160119 Security bugs in Linux kernel sound subsystem",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/19/1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311558",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311558"
            },
            {
              "name": "83380",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83380"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "1035305",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035305"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/3567eb6af614dac436c4b16a8d426f9faed639b3",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/3567eb6af614dac436c4b16a8d426f9faed639b3"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2544",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-02-23T00:00:00",
    "dateUpdated": "2024-08-05T23:32:20.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-2069 (GCVE-0-2016-2069)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:17

Severity ?

CWE

Summary

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

References

►

URL

Tags

	http://www.securityfocus.com/bid/81809	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/01/25/1	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2989-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/71b3c126e61177eb693423f2e18a1914205b165e	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1301893	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2998-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "81809",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/81809"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "[oss-security] 20160124 CVE Request: x86 Linux TLB flush bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/25/1"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "RHSA-2016:2584",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
          },
          {
            "name": "RHSA-2016:2574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "RHSA-2017:0817",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "USN-2989-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2989-1"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/71b3c126e61177eb693423f2e18a1914205b165e"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "USN-2998-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2998-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "81809",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/81809"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "[oss-security] 20160124 CVE Request: x86 Linux TLB flush bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/25/1"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "RHSA-2016:2584",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
        },
        {
          "name": "RHSA-2016:2574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "RHSA-2017:0817",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "USN-2989-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2989-1"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/71b3c126e61177eb693423f2e18a1914205b165e"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "USN-2998-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2998-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2069",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "81809",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/81809"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "[oss-security] 20160124 CVE Request: x86 Linux TLB flush bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/25/1"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "RHSA-2016:2584",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "RHSA-2017:0817",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "USN-2989-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2989-1"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/71b3c126e61177eb693423f2e18a1914205b165e",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/71b3c126e61177eb693423f2e18a1914205b165e"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            },
            {
              "name": "USN-2998-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2998-1"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2069",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-01-26T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-7446 (GCVE-0-2013-7446)

Vulnerability from cvelistv5

Published

2015-12-28 11:00

Modified

2024-08-06 18:09

Severity ?

CWE

Summary

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://groups.google.com/forum/#%21topic/syzkaller/3twDUI4Cpm8	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034557	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2887-2	vendor-advisory, x_refsource_UBUNTU
	https://forums.grsecurity.net/viewtopic.php?f=3&t=4150	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.spinics.net/lists/netdev/msg318826.html	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2887-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2889-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2889-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html	vendor-advisory, x_refsource_SUSE
	https://lkml.org/lkml/2015/9/13/195	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/77638	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	https://lkml.org/lkml/2014/5/15/532	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1282688	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2015/dsa-3426	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2015/11/18/16	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	https://lkml.org/lkml/2013/10/14/424	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:09:16.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0750",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://groups.google.com/forum/#%21topic/syzkaller/3twDUI4Cpm8"
          },
          {
            "name": "1034557",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034557"
          },
          {
            "name": "SUSE-SU-2016:2010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
          },
          {
            "name": "SUSE-SU-2016:2011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
          },
          {
            "name": "SUSE-SU-2016:2003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
          },
          {
            "name": "SUSE-SU-2016:0751",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html"
          },
          {
            "name": "SUSE-SU-2016:0747",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html"
          },
          {
            "name": "SUSE-SU-2016:0755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html"
          },
          {
            "name": "SUSE-SU-2016:1994",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
          },
          {
            "name": "USN-2887-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2887-2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://forums.grsecurity.net/viewtopic.php?f=3\u0026t=4150"
          },
          {
            "name": "SUSE-SU-2016:0757",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html"
          },
          {
            "name": "SUSE-SU-2016:1961",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
          },
          {
            "name": "SUSE-SU-2016:2001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
          },
          {
            "name": "[netdev] 20150304 [PATCH net] af_unix: don\u0027t poll dead peers",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.spinics.net/lists/netdev/msg318826.html"
          },
          {
            "name": "SUSE-SU-2016:0753",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html"
          },
          {
            "name": "USN-2886-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2886-1"
          },
          {
            "name": "USN-2887-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2887-1"
          },
          {
            "name": "USN-2890-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-3"
          },
          {
            "name": "SUSE-SU-2016:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c"
          },
          {
            "name": "USN-2889-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2889-1"
          },
          {
            "name": "SUSE-SU-2016:2014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
          },
          {
            "name": "openSUSE-SU-2016:1641",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
          },
          {
            "name": "USN-2889-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2889-2"
          },
          {
            "name": "SUSE-SU-2016:0746",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html"
          },
          {
            "name": "[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2015/9/13/195"
          },
          {
            "name": "SUSE-SU-2016:0749",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
          },
          {
            "name": "77638",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77638"
          },
          {
            "name": "SUSE-SU-2016:2009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
          },
          {
            "name": "SUSE-SU-2016:2005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
          },
          {
            "name": "[linux-kernel] 20140515 eventpoll __list_del_entry corruption (was: perf: use after free in perf_remove_from_context)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/5/15/532"
          },
          {
            "name": "SUSE-SU-2016:2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "USN-2890-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282688"
          },
          {
            "name": "SUSE-SU-2016:2000",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
          },
          {
            "name": "SUSE-SU-2016:0745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html"
          },
          {
            "name": "DSA-3426",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3426"
          },
          {
            "name": "SUSE-SU-2016:1995",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
          },
          {
            "name": "[oss-security] 20151118 Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/11/18/16"
          },
          {
            "name": "SUSE-SU-2016:2002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
          },
          {
            "name": "[linux-kernel] 20131014 Re: epoll oops.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2013/10/14/424"
          },
          {
            "name": "SUSE-SU-2016:0756",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c"
          },
          {
            "name": "USN-2890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2890-1"
          },
          {
            "name": "SUSE-SU-2016:0754",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html"
          },
          {
            "name": "SUSE-SU-2016:0752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html"
          },
          {
            "name": "USN-2888-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2888-1"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0750",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://groups.google.com/forum/#%21topic/syzkaller/3twDUI4Cpm8"
        },
        {
          "name": "1034557",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034557"
        },
        {
          "name": "SUSE-SU-2016:2010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
        },
        {
          "name": "SUSE-SU-2016:2011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
        },
        {
          "name": "SUSE-SU-2016:2003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
        },
        {
          "name": "SUSE-SU-2016:0751",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html"
        },
        {
          "name": "SUSE-SU-2016:0747",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html"
        },
        {
          "name": "SUSE-SU-2016:0755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html"
        },
        {
          "name": "SUSE-SU-2016:1994",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
        },
        {
          "name": "USN-2887-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2887-2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://forums.grsecurity.net/viewtopic.php?f=3\u0026t=4150"
        },
        {
          "name": "SUSE-SU-2016:0757",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html"
        },
        {
          "name": "SUSE-SU-2016:1961",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
        },
        {
          "name": "SUSE-SU-2016:2001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
        },
        {
          "name": "[netdev] 20150304 [PATCH net] af_unix: don\u0027t poll dead peers",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.spinics.net/lists/netdev/msg318826.html"
        },
        {
          "name": "SUSE-SU-2016:0753",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html"
        },
        {
          "name": "USN-2886-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2886-1"
        },
        {
          "name": "USN-2887-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2887-1"
        },
        {
          "name": "USN-2890-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-3"
        },
        {
          "name": "SUSE-SU-2016:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c"
        },
        {
          "name": "USN-2889-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2889-1"
        },
        {
          "name": "SUSE-SU-2016:2014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
        },
        {
          "name": "openSUSE-SU-2016:1641",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
        },
        {
          "name": "USN-2889-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2889-2"
        },
        {
          "name": "SUSE-SU-2016:0746",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html"
        },
        {
          "name": "[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2015/9/13/195"
        },
        {
          "name": "SUSE-SU-2016:0749",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
        },
        {
          "name": "77638",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77638"
        },
        {
          "name": "SUSE-SU-2016:2009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
        },
        {
          "name": "SUSE-SU-2016:2005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
        },
        {
          "name": "[linux-kernel] 20140515 eventpoll __list_del_entry corruption (was: perf: use after free in perf_remove_from_context)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/5/15/532"
        },
        {
          "name": "SUSE-SU-2016:2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "USN-2890-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282688"
        },
        {
          "name": "SUSE-SU-2016:2000",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
        },
        {
          "name": "SUSE-SU-2016:0745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html"
        },
        {
          "name": "DSA-3426",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3426"
        },
        {
          "name": "SUSE-SU-2016:1995",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
        },
        {
          "name": "[oss-security] 20151118 Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/11/18/16"
        },
        {
          "name": "SUSE-SU-2016:2002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
        },
        {
          "name": "[linux-kernel] 20131014 Re: epoll oops.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2013/10/14/424"
        },
        {
          "name": "SUSE-SU-2016:0756",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c"
        },
        {
          "name": "USN-2890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2890-1"
        },
        {
          "name": "SUSE-SU-2016:0754",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html"
        },
        {
          "name": "SUSE-SU-2016:0752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html"
        },
        {
          "name": "USN-2888-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2888-1"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-7446",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0750",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html"
            },
            {
              "name": "https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8",
              "refsource": "CONFIRM",
              "url": "https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8"
            },
            {
              "name": "1034557",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034557"
            },
            {
              "name": "SUSE-SU-2016:2010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
            },
            {
              "name": "SUSE-SU-2016:2011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
            },
            {
              "name": "SUSE-SU-2016:2003",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
            },
            {
              "name": "SUSE-SU-2016:0751",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html"
            },
            {
              "name": "SUSE-SU-2016:0747",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html"
            },
            {
              "name": "SUSE-SU-2016:0755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html"
            },
            {
              "name": "SUSE-SU-2016:1994",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
            },
            {
              "name": "USN-2887-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2887-2"
            },
            {
              "name": "https://forums.grsecurity.net/viewtopic.php?f=3\u0026t=4150",
              "refsource": "MISC",
              "url": "https://forums.grsecurity.net/viewtopic.php?f=3\u0026t=4150"
            },
            {
              "name": "SUSE-SU-2016:0757",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html"
            },
            {
              "name": "SUSE-SU-2016:1961",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
            },
            {
              "name": "SUSE-SU-2016:2001",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
            },
            {
              "name": "[netdev] 20150304 [PATCH net] af_unix: don\u0027t poll dead peers",
              "refsource": "MLIST",
              "url": "http://www.spinics.net/lists/netdev/msg318826.html"
            },
            {
              "name": "SUSE-SU-2016:0753",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html"
            },
            {
              "name": "USN-2886-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2886-1"
            },
            {
              "name": "USN-2887-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2887-1"
            },
            {
              "name": "USN-2890-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-3"
            },
            {
              "name": "SUSE-SU-2016:2006",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c"
            },
            {
              "name": "USN-2889-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2889-1"
            },
            {
              "name": "SUSE-SU-2016:2014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
            },
            {
              "name": "openSUSE-SU-2016:1641",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
            },
            {
              "name": "USN-2889-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2889-2"
            },
            {
              "name": "SUSE-SU-2016:0746",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html"
            },
            {
              "name": "[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2015/9/13/195"
            },
            {
              "name": "SUSE-SU-2016:0749",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
            },
            {
              "name": "77638",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/77638"
            },
            {
              "name": "SUSE-SU-2016:2009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
            },
            {
              "name": "SUSE-SU-2016:2005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
            },
            {
              "name": "[linux-kernel] 20140515 eventpoll __list_del_entry corruption (was: perf: use after free in perf_remove_from_context)",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/5/15/532"
            },
            {
              "name": "SUSE-SU-2016:2007",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "USN-2890-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1282688",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282688"
            },
            {
              "name": "SUSE-SU-2016:2000",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
            },
            {
              "name": "SUSE-SU-2016:0745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html"
            },
            {
              "name": "DSA-3426",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3426"
            },
            {
              "name": "SUSE-SU-2016:1995",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
            },
            {
              "name": "[oss-security] 20151118 Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/11/18/16"
            },
            {
              "name": "SUSE-SU-2016:2002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
            },
            {
              "name": "[linux-kernel] 20131014 Re: epoll oops.",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2013/10/14/424"
            },
            {
              "name": "SUSE-SU-2016:0756",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c"
            },
            {
              "name": "USN-2890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2890-1"
            },
            {
              "name": "SUSE-SU-2016:0754",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html"
            },
            {
              "name": "SUSE-SU-2016:0752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html"
            },
            {
              "name": "USN-2888-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2888-1"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-7446",
    "datePublished": "2015-12-28T11:00:00",
    "dateReserved": "2015-11-18T00:00:00",
    "dateUpdated": "2024-08-06T18:09:16.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3137 (GCVE-0-2016-3137)

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/03/14/3	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1316996	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/84300	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2971-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-2"
          },
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cypress_m8 driver)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/03/14/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316996"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "name": "USN-2970-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2970-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
          },
          {
            "name": "84300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84300"
          },
          {
            "name": "USN-2968-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-1"
          },
          {
            "name": "USN-2971-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-3"
          },
          {
            "name": "USN-2997-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2997-1"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-3000-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3000-1"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "USN-2971-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2971-1"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "USN-2996-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2996-1"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "USN-2968-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2968-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
          },
          {
            "name": "openSUSE-SU-2016:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:58",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "USN-2971-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-2"
        },
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cypress_m8 driver)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/03/14/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316996"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "name": "USN-2970-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2970-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
        },
        {
          "name": "84300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84300"
        },
        {
          "name": "USN-2968-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-1"
        },
        {
          "name": "USN-2971-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-3"
        },
        {
          "name": "USN-2997-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2997-1"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-3000-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3000-1"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "USN-2971-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2971-1"
        },
        {
          "name": "SUSE-SU-2016:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
        },
        {
          "name": "USN-2996-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2996-1"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "USN-2968-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2968-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
        },
        {
          "name": "openSUSE-SU-2016:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2016-3137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2971-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-2"
            },
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cypress_m8 driver)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/03/14/3"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1316996",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316996"
            },
            {
              "name": "SUSE-SU-2016:1696",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
            },
            {
              "name": "USN-2970-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2970-1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
            },
            {
              "name": "84300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/84300"
            },
            {
              "name": "USN-2968-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-1"
            },
            {
              "name": "USN-2971-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-3"
            },
            {
              "name": "USN-2997-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2997-1"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "USN-3000-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3000-1"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "USN-2971-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2971-1"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "USN-2996-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2996-1"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "USN-2968-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2968-2"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754"
            },
            {
              "name": "openSUSE-SU-2016:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-3137",
    "datePublished": "2016-05-02T10:00:00",
    "dateReserved": "2016-03-13T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8767 (GCVE-0-2015-8767)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

References

►

URL

Tags

	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2016:1341	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-0715.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2016:1301	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/01/11/4	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1297389	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/80268	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3448	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2016:1277	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "RHSA-2016:1341",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1341"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "RHSA-2016:0715",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0715.html"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "RHSA-2016:1301",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1301"
          },
          {
            "name": "[oss-security] 20160111 CVE Request: Linux kernel -  SCTP denial of service during heartbeat timeout functions.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/11/4"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
          },
          {
            "name": "FEDORA-2016-5d43766e33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "80268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/80268"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "DSA-3448",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3448"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "RHSA-2016:1277",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1277"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "RHSA-2016:1341",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1341"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "RHSA-2016:0715",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0715.html"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "RHSA-2016:1301",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1301"
        },
        {
          "name": "[oss-security] 20160111 CVE Request: Linux kernel -  SCTP denial of service during heartbeat timeout functions.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/11/4"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
        },
        {
          "name": "FEDORA-2016-5d43766e33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "80268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/80268"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "DSA-3448",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3448"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "RHSA-2016:1277",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1277"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8767",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "USN-2967-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "RHSA-2016:1341",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1341"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "RHSA-2016:0715",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0715.html"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "RHSA-2016:1301",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1301"
            },
            {
              "name": "[oss-security] 20160111 CVE Request: Linux kernel -  SCTP denial of service during heartbeat timeout functions.",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/11/4"
            },
            {
              "name": "DSA-3503",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3503"
            },
            {
              "name": "USN-2967-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2967-2"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=635682a14427d241bab7bbdeebb48a7d7b91638e"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
            },
            {
              "name": "FEDORA-2016-5d43766e33",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "80268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/80268"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/635682a14427d241bab7bbdeebb48a7d7b91638e"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "DSA-3448",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3448"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            },
            {
              "name": "RHSA-2016:1277",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1277"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8767",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2016-01-11T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-3134 (GCVE-0-2016-3134)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309	x_refsource_CONFIRM
	https://code.google.com/p/google-security-research/issues/detail?id=758	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1317383	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1847.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3049-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1875.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1036763	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3050-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1883.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/84305	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"
          },
          {
            "name": "SUSE-SU-2016:2010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
          },
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "SUSE-SU-2016:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317383"
          },
          {
            "name": "SUSE-SU-2016:1994",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "SUSE-SU-2016:1961",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309"
          },
          {
            "name": "SUSE-SU-2016:2001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
          },
          {
            "name": "SUSE-SU-2016:1985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
          },
          {
            "name": "RHSA-2016:1847",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
          },
          {
            "name": "SUSE-SU-2016:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
          },
          {
            "name": "USN-3049-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3049-1"
          },
          {
            "name": "RHSA-2016:1875",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
          },
          {
            "name": "SUSE-SU-2016:2014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
          },
          {
            "name": "openSUSE-SU-2016:1641",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "DSA-3607",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3607"
          },
          {
            "name": "1036763",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036763"
          },
          {
            "name": "SUSE-SU-2016:1672",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
          },
          {
            "name": "SUSE-SU-2016:2009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "USN-3050-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3050-1"
          },
          {
            "name": "SUSE-SU-2016:2005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "SUSE-SU-2016:2000",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
          },
          {
            "name": "RHSA-2016:1883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html"
          },
          {
            "name": "SUSE-SU-2016:1995",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
          },
          {
            "name": "SUSE-SU-2016:2002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
          },
          {
            "name": "USN-2931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2931-1"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "name": "84305",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/84305"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:29",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"
        },
        {
          "name": "SUSE-SU-2016:2010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
        },
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "SUSE-SU-2016:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317383"
        },
        {
          "name": "SUSE-SU-2016:1994",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "SUSE-SU-2016:1961",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309"
        },
        {
          "name": "SUSE-SU-2016:2001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
        },
        {
          "name": "SUSE-SU-2016:1985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
        },
        {
          "name": "RHSA-2016:1847",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
        },
        {
          "name": "SUSE-SU-2016:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
        },
        {
          "name": "USN-3049-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3049-1"
        },
        {
          "name": "RHSA-2016:1875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
        },
        {
          "name": "SUSE-SU-2016:2014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
        },
        {
          "name": "openSUSE-SU-2016:1641",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "DSA-3607",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3607"
        },
        {
          "name": "1036763",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036763"
        },
        {
          "name": "SUSE-SU-2016:1672",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
        },
        {
          "name": "SUSE-SU-2016:2009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "USN-3050-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3050-1"
        },
        {
          "name": "SUSE-SU-2016:2005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "SUSE-SU-2016:2000",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
        },
        {
          "name": "RHSA-2016:1883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html"
        },
        {
          "name": "SUSE-SU-2016:1995",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
        },
        {
          "name": "SUSE-SU-2016:2002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
        },
        {
          "name": "USN-2931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2931-1"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "name": "84305",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/84305"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2016-3134",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:1690",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309"
            },
            {
              "name": "https://code.google.com/p/google-security-research/issues/detail?id=758",
              "refsource": "MISC",
              "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"
            },
            {
              "name": "SUSE-SU-2016:2010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
            },
            {
              "name": "USN-2930-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-1"
            },
            {
              "name": "SUSE-SU-2016:1696",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317383",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317383"
            },
            {
              "name": "SUSE-SU-2016:1994",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "SUSE-SU-2016:1961",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
            },
            {
              "name": "USN-2930-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-2"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309"
            },
            {
              "name": "SUSE-SU-2016:2001",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
            },
            {
              "name": "SUSE-SU-2016:1985",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
            },
            {
              "name": "RHSA-2016:1847",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
            },
            {
              "name": "SUSE-SU-2016:2006",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
            },
            {
              "name": "USN-3049-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3049-1"
            },
            {
              "name": "RHSA-2016:1875",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
            },
            {
              "name": "SUSE-SU-2016:2014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
            },
            {
              "name": "openSUSE-SU-2016:1641",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
            },
            {
              "name": "SUSE-SU-2016:1764",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
            },
            {
              "name": "USN-2930-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2930-3"
            },
            {
              "name": "DSA-3607",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3607"
            },
            {
              "name": "1036763",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036763"
            },
            {
              "name": "SUSE-SU-2016:1672",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
            },
            {
              "name": "SUSE-SU-2016:2009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
            },
            {
              "name": "USN-2929-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-1"
            },
            {
              "name": "USN-2932-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2932-1"
            },
            {
              "name": "USN-3050-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3050-1"
            },
            {
              "name": "SUSE-SU-2016:2005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:2007",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
            },
            {
              "name": "SUSE-SU-2016:2000",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
            },
            {
              "name": "RHSA-2016:1883",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html"
            },
            {
              "name": "SUSE-SU-2016:1995",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
            },
            {
              "name": "SUSE-SU-2016:2002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
            },
            {
              "name": "USN-2931-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2931-1"
            },
            {
              "name": "USN-2929-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2929-2"
            },
            {
              "name": "84305",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/84305"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2016-3134",
    "datePublished": "2016-04-27T17:00:00",
    "dateReserved": "2016-03-13T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-0723 (GCVE-0-2016-0723)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-05 22:30

Severity ?

CWE

Summary

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.

References

►

URL

Tags

	https://security-tracker.debian.org/tracker/CVE-2016-0723	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1296253	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-2	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2930-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://source.android.com/security/bulletin/2016-07-01.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/82950	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1035695	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3448	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE
	https://support.f5.com/csp/article/K43650115	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:30:03.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2016-0723"
          },
          {
            "name": "USN-2930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-1"
          },
          {
            "name": "USN-2967-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296253"
          },
          {
            "name": "USN-2930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-2"
          },
          {
            "name": "DSA-3503",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3503"
          },
          {
            "name": "USN-2967-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2967-2"
          },
          {
            "name": "SUSE-SU-2016:1764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439"
          },
          {
            "name": "USN-2930-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2930-3"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.android.com/security/bulletin/2016-07-01.html"
          },
          {
            "name": "USN-2929-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-1"
          },
          {
            "name": "USN-2932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2932-1"
          },
          {
            "name": "82950",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/82950"
          },
          {
            "name": "FEDORA-2016-5d43766e33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "name": "1035695",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035695"
          },
          {
            "name": "USN-2948-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-1"
          },
          {
            "name": "DSA-3448",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3448"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "USN-2929-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2929-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439"
          },
          {
            "name": "USN-2948-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2948-2"
          },
          {
            "name": "FEDORA-2016-2f25d12c51",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K43650115"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-19T17:06:05",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2016-0723"
        },
        {
          "name": "USN-2930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-1"
        },
        {
          "name": "USN-2967-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296253"
        },
        {
          "name": "USN-2930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-2"
        },
        {
          "name": "DSA-3503",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3503"
        },
        {
          "name": "USN-2967-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2967-2"
        },
        {
          "name": "SUSE-SU-2016:1764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439"
        },
        {
          "name": "USN-2930-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2930-3"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.android.com/security/bulletin/2016-07-01.html"
        },
        {
          "name": "USN-2929-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-1"
        },
        {
          "name": "USN-2932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2932-1"
        },
        {
          "name": "82950",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/82950"
        },
        {
          "name": "FEDORA-2016-5d43766e33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
        },
        {
          "name": "1035695",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035695"
        },
        {
          "name": "USN-2948-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-1"
        },
        {
          "name": "DSA-3448",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3448"
        },
        {
          "name": "openSUSE-SU-2016:1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
        },
        {
          "name": "USN-2929-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2929-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439"
        },
        {
          "name": "USN-2948-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2948-2"
        },
        {
          "name": "FEDORA-2016-2f25d12c51",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K43650115"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-0723",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2015-12-16T00:00:00",
    "dateUpdated": "2024-08-05T22:30:03.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8539 (GCVE-0-2015-8539)

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 08:20

Severity ?

CWE

Summary

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1284450	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:0181	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2015/12/09/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2018:0152	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2018:0151	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/3798-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/3798-2/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:20:42.590Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
          },
          {
            "name": "RHSA-2018:0181",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0181"
          },
          {
            "name": "SUSE-SU-2016:0434",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
          },
          {
            "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
          },
          {
            "name": "SUSE-SU-2016:0380",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
          },
          {
            "name": "RHSA-2018:0152",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0152"
          },
          {
            "name": "SUSE-SU-2016:0335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "SUSE-SU-2016:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
          },
          {
            "name": "SUSE-SU-2016:0339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
          },
          {
            "name": "RHSA-2018:0151",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0151"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "SUSE-SU-2016:0384",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
          },
          {
            "name": "USN-3798-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3798-1/"
          },
          {
            "name": "SUSE-SU-2016:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
          },
          {
            "name": "SUSE-SU-2016:0336",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
          },
          {
            "name": "USN-3798-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3798-2/"
          },
          {
            "name": "SUSE-SU-2016:0381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:1937",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-30T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
        },
        {
          "name": "RHSA-2018:0181",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        },
        {
          "name": "SUSE-SU-2016:0434",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        },
        {
          "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
        },
        {
          "name": "SUSE-SU-2016:0380",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
        },
        {
          "name": "RHSA-2018:0152",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        },
        {
          "name": "SUSE-SU-2016:0335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "SUSE-SU-2016:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
        },
        {
          "name": "SUSE-SU-2016:0339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
        },
        {
          "name": "RHSA-2018:0151",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0151"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "SUSE-SU-2016:0384",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
        },
        {
          "name": "USN-3798-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3798-1/"
        },
        {
          "name": "SUSE-SU-2016:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
        },
        {
          "name": "SUSE-SU-2016:0336",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
        },
        {
          "name": "USN-3798-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3798-2/"
        },
        {
          "name": "SUSE-SU-2016:0381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:1937",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0337",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
            },
            {
              "name": "RHSA-2018:0181",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0181"
            },
            {
              "name": "SUSE-SU-2016:0434",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
            },
            {
              "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
            },
            {
              "name": "SUSE-SU-2016:0380",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
            },
            {
              "name": "RHSA-2018:0152",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0152"
            },
            {
              "name": "SUSE-SU-2016:0335",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "SUSE-SU-2016:0383",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:0386",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
            },
            {
              "name": "SUSE-SU-2016:0339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
            },
            {
              "name": "RHSA-2018:0151",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0151"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "SUSE-SU-2016:0384",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
            },
            {
              "name": "USN-3798-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3798-1/"
            },
            {
              "name": "SUSE-SU-2016:0387",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
            },
            {
              "name": "SUSE-SU-2016:0336",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
            },
            {
              "name": "USN-3798-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3798-2/"
            },
            {
              "name": "SUSE-SU-2016:0381",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:1937",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8539",
    "datePublished": "2016-02-08T02:00:00",
    "dateReserved": "2015-12-10T00:00:00",
    "dateUpdated": "2024-08-06T08:20:42.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2016:2074-1

Vulnerability from csaf_suse

CVE-2015-0272 (GCVE-0-2015-0272)

Vulnerability from cvelistv5

CVE-2016-2548 (GCVE-0-2016-2548)

Vulnerability from cvelistv5

CVE-2016-2847 (GCVE-0-2016-2847)

Vulnerability from cvelistv5

CVE-2015-7515 (GCVE-0-2015-7515)

Vulnerability from cvelistv5

CVE-2015-8569 (GCVE-0-2015-8569)

Vulnerability from cvelistv5

CVE-2015-8543 (GCVE-0-2015-8543)

Vulnerability from cvelistv5

CVE-2016-2143 (GCVE-0-2016-2143)

Vulnerability from cvelistv5

CVE-2015-8785 (GCVE-0-2015-8785)

Vulnerability from cvelistv5

CVE-2016-3139 (GCVE-0-2016-3139)

Vulnerability from cvelistv5

CVE-2013-2015 (GCVE-0-2013-2015)

Vulnerability from cvelistv5

CVE-2016-2184 (GCVE-0-2016-2184)

Vulnerability from cvelistv5

CVE-2016-2384 (GCVE-0-2016-2384)

Vulnerability from cvelistv5

CVE-2015-8575 (GCVE-0-2015-8575)

Vulnerability from cvelistv5

CVE-2016-3138 (GCVE-0-2016-3138)

Vulnerability from cvelistv5

CVE-2015-8104 (GCVE-0-2015-8104)

Vulnerability from cvelistv5

CVE-2016-2545 (GCVE-0-2016-2545)

Vulnerability from cvelistv5

CVE-2015-5307 (GCVE-0-2015-5307)

Vulnerability from cvelistv5

CVE-2016-2782 (GCVE-0-2016-2782)

Vulnerability from cvelistv5

CVE-2016-2546 (GCVE-0-2016-2546)

Vulnerability from cvelistv5

CVE-2015-7550 (GCVE-0-2015-7550)

Vulnerability from cvelistv5

CVE-2015-7990 (GCVE-0-2015-7990)

Vulnerability from cvelistv5

CVE-2015-7799 (GCVE-0-2015-7799)

Vulnerability from cvelistv5

CVE-2015-7509 (GCVE-0-2015-7509)

Vulnerability from cvelistv5

CVE-2015-8812 (GCVE-0-2015-8812)

Vulnerability from cvelistv5

CVE-2016-2188 (GCVE-0-2016-2188)

Vulnerability from cvelistv5

CVE-2015-6252 (GCVE-0-2015-6252)

Vulnerability from cvelistv5

CVE-2015-8215 (GCVE-0-2015-8215)

Vulnerability from cvelistv5

CVE-2016-4486 (GCVE-0-2016-4486)

Vulnerability from cvelistv5

CVE-2015-6937 (GCVE-0-2015-6937)

Vulnerability from cvelistv5

CVE-2016-3140 (GCVE-0-2016-3140)

Vulnerability from cvelistv5

CVE-2015-7566 (GCVE-0-2015-7566)

Vulnerability from cvelistv5

CVE-2015-3339 (GCVE-0-2015-3339)

Vulnerability from cvelistv5

CVE-2016-2547 (GCVE-0-2016-2547)

Vulnerability from cvelistv5

CVE-2016-3156 (GCVE-0-2016-3156)

Vulnerability from cvelistv5

CVE-2016-2185 (GCVE-0-2016-2185)

Vulnerability from cvelistv5

CVE-2015-7872 (GCVE-0-2015-7872)

Vulnerability from cvelistv5

CVE-2016-2549 (GCVE-0-2016-2549)

Vulnerability from cvelistv5

CVE-2016-2543 (GCVE-0-2016-2543)

Vulnerability from cvelistv5

CVE-2016-2186 (GCVE-0-2016-2186)