suse-su-2023:0420-1
Vulnerability from csaf_suse
Published
2023-02-15 11:01
Modified
2023-02-15 11:01
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).
- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth component (bsc#1206073).
- CVE-2022-3643: Fixed reset/abort/crash via netback from VM guest (bsc#1206113).
- CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req() which can be used to leak kernel pointers remotely (bsc#1205705).
- CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2cap_core.c's l2cap_connect() and l2cap_le_connect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).
- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem that could lead a local user to crash the system (bsc#1206664).
- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem (bsc#1207237).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
The following non-security bugs were fixed:
- HID: betop: check shape of output reports (git-fixes, bsc#1207186).
- HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes).
- HID: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).
- sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).
Patchnames
SUSE-2023-420,SUSE-SLE-SERVER-12-SP2-BCL-2023-420
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).\n- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth component (bsc#1206073).\n- CVE-2022-3643: Fixed reset/abort/crash via netback from VM guest (bsc#1206113).\n- CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req() which can be used to leak kernel pointers remotely (bsc#1205705).\n- CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2cap_core.c\u0027s l2cap_connect() and l2cap_le_connect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).\n- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem that could lead a local user to crash the system (bsc#1206664).\n- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem (bsc#1207237).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).\n\nThe following non-security bugs were fixed:\n\n- HID: betop: check shape of output reports (git-fixes, bsc#1207186).\n- HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes).\n- HID: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).\n- sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-420,SUSE-SLE-SERVER-12-SP2-BCL-2023-420",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0420-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0420-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230420-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0420-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013767.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108488",
"url": "https://bugzilla.suse.com/1108488"
},
{
"category": "self",
"summary": "SUSE Bug 1205705",
"url": "https://bugzilla.suse.com/1205705"
},
{
"category": "self",
"summary": "SUSE Bug 1205709",
"url": "https://bugzilla.suse.com/1205709"
},
{
"category": "self",
"summary": "SUSE Bug 1206073",
"url": "https://bugzilla.suse.com/1206073"
},
{
"category": "self",
"summary": "SUSE Bug 1206113",
"url": "https://bugzilla.suse.com/1206113"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE Bug 1206677",
"url": "https://bugzilla.suse.com/1206677"
},
{
"category": "self",
"summary": "SUSE Bug 1206784",
"url": "https://bugzilla.suse.com/1206784"
},
{
"category": "self",
"summary": "SUSE Bug 1207036",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "self",
"summary": "SUSE Bug 1207125",
"url": "https://bugzilla.suse.com/1207125"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1207237",
"url": "https://bugzilla.suse.com/1207237"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9517 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3564 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3643 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42895 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42896 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-47929 page",
"url": "https://www.suse.com/security/cve/CVE-2022-47929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23455 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23455/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-02-15T11:01:11Z",
"generator": {
"date": "2023-02-15T11:01:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0420-1",
"initial_release_date": "2023-02-15T11:01:11Z",
"revision_history": [
{
"date": "2023-02-15T11:01:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.199.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.199.1.aarch64",
"product_id": "cluster-network-kmp-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.199.1.aarch64",
"product_id": "dlm-kmp-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.199.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-default-4.4.121-92.199.1.aarch64",
"product_id": "kernel-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.121-92.199.1.aarch64",
"product_id": "kernel-default-base-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.121-92.199.1.aarch64",
"product_id": "kernel-default-devel-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.121-92.199.1.aarch64",
"product_id": "kernel-default-extra-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.199.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.121-92.199.1.aarch64",
"product_id": "kernel-obs-build-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.199.1.aarch64",
"product_id": "kernel-obs-qa-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-syms-4.4.121-92.199.1.aarch64",
"product_id": "kernel-syms-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "kernel-vanilla-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.199.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.199.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.199.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.199.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.199.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.121-92.199.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.aarch64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.199.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.199.1.noarch",
"product_id": "kernel-devel-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-docs-4.4.121-92.199.1.noarch",
"product_id": "kernel-docs-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.121-92.199.1.noarch",
"product_id": "kernel-docs-html-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.121-92.199.1.noarch",
"product_id": "kernel-docs-pdf-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.199.1.noarch",
"product_id": "kernel-macros-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.199.1.noarch",
"product_id": "kernel-source-4.4.121-92.199.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.121-92.199.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.121-92.199.1.noarch",
"product_id": "kernel-source-vanilla-4.4.121-92.199.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-network-kmp-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-network-kmp-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.199.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.121-92.199.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "dlm-kmp-vanilla-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.199.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.199.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-debug-base-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-default-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-default-base-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-default-devel-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-default-extra-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-obs-build-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-syms-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-vanilla-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.199.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.199.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.199.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.199.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.199.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.199.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.121-92.199.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.199.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.199.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.199.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.s390x",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.199.1.s390x",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.199.1.s390x",
"product_id": "cluster-network-kmp-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.s390x",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.199.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.121-92.199.1.s390x",
"product_id": "dlm-kmp-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.s390x",
"product_id": "dlm-kmp-vanilla-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.199.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.199.1.s390x",
"product_id": "gfs2-kmp-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.s390x",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-base-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-base-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-devel-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-extra-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-kgraft-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-default-man-4.4.121-92.199.1.s390x",
"product_id": "kernel-default-man-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.121-92.199.1.s390x",
"product_id": "kernel-obs-build-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.121-92.199.1.s390x",
"product_id": "kernel-obs-qa-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-syms-4.4.121-92.199.1.s390x",
"product_id": "kernel-syms-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.121-92.199.1.s390x",
"product_id": "kernel-vanilla-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.199.1.s390x",
"product_id": "kernel-vanilla-base-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.199.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.121-92.199.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.121-92.199.1.s390x",
"product_id": "kernel-zfcpdump-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.199.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.199.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.121-92.199.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.s390x",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.s390x",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.199.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.199.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.199.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.199.1.x86_64",
"product_id": "cluster-network-kmp-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.199.1.x86_64",
"product_id": "cluster-network-kmp-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.199.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.199.1.x86_64",
"product_id": "dlm-kmp-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.199.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.199.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-debug-4.4.121-92.199.1.x86_64",
"product_id": "kernel-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.121-92.199.1.x86_64",
"product_id": "kernel-debug-base-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.121-92.199.1.x86_64",
"product_id": "kernel-debug-devel-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.121-92.199.1.x86_64",
"product_id": "kernel-debug-extra-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.199.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.199.1.x86_64",
"product_id": "kernel-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.199.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.199.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.121-92.199.1.x86_64",
"product_id": "kernel-default-extra-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.199.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.121-92.199.1.x86_64",
"product_id": "kernel-obs-build-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.199.1.x86_64",
"product_id": "kernel-obs-qa-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.199.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "kernel-vanilla-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.199.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.199.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.199.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.199.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.199.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.199.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.199.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.121-92.199.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.199.1.x86_64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.199.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.199.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.199.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.199.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.199.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.199.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.199.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.199.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.199.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.199.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.199.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.199.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.199.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.199.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.199.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-9517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9517"
}
],
"notes": [
{
"category": "general",
"text": "In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9517",
"url": "https://www.suse.com/security/cve/CVE-2018-9517"
},
{
"category": "external",
"summary": "SUSE Bug 1108488 for CVE-2018-9517",
"url": "https://bugzilla.suse.com/1108488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "low"
}
],
"title": "CVE-2018-9517"
},
{
"cve": "CVE-2022-3564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3564"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3564",
"url": "https://www.suse.com/security/cve/CVE-2022-3564"
},
{
"category": "external",
"summary": "SUSE Bug 1206073 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1206073"
},
{
"category": "external",
"summary": "SUSE Bug 1206314 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1206314"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "important"
}
],
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-3643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3643"
}
],
"notes": [
{
"category": "general",
"text": "Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3643",
"url": "https://www.suse.com/security/cve/CVE-2022-3643"
},
{
"category": "external",
"summary": "SUSE Bug 1206113 for CVE-2022-3643",
"url": "https://bugzilla.suse.com/1206113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-42895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42895"
}
],
"notes": [
{
"category": "general",
"text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.\nWe recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url \n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42895",
"url": "https://www.suse.com/security/cve/CVE-2022-42895"
},
{
"category": "external",
"summary": "SUSE Bug 1205705 for CVE-2022-42895",
"url": "https://bugzilla.suse.com/1205705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-42895"
},
{
"cve": "CVE-2022-42896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42896"
}
],
"notes": [
{
"category": "general",
"text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim.\n\nWe recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url \n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42896",
"url": "https://www.suse.com/security/cve/CVE-2022-42896"
},
{
"category": "external",
"summary": "SUSE Bug 1205709 for CVE-2022-42896",
"url": "https://bugzilla.suse.com/1205709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-42896"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-47929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-47929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-47929",
"url": "https://www.suse.com/security/cve/CVE-2022-47929"
},
{
"category": "external",
"summary": "SUSE Bug 1207237 for CVE-2022-47929",
"url": "https://bugzilla.suse.com/1207237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "moderate"
}
],
"title": "CVE-2022-47929"
},
{
"cve": "CVE-2023-23454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23454"
}
],
"notes": [
{
"category": "general",
"text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23454",
"url": "https://www.suse.com/security/cve/CVE-2023-23454"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207188 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1207188"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "important"
}
],
"title": "CVE-2023-23454"
},
{
"cve": "CVE-2023-23455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23455"
}
],
"notes": [
{
"category": "general",
"text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23455",
"url": "https://www.suse.com/security/cve/CVE-2023-23455"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207125 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207125"
},
{
"category": "external",
"summary": "SUSE Bug 1207189 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207189"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.199.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.199.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.199.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-15T11:01:11Z",
"details": "important"
}
],
"title": "CVE-2023-23455"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…