cvelistv5 - CVE-2015-1339

CVE-2015-1339 (GCVE-0-2015-1339)

Vulnerability from cvelistv5

Published

2016-04-27 17:00

Modified

2024-08-06 04:40

Severity ?

CWE

Summary

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2015-1339

Vulnerability from fkie_nvd

Published

2016-04-27 17:59

Modified

2025-04-12 10:46

Severity ?

6.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security@ubuntu.com	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c
security@ubuntu.com	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
security@ubuntu.com	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	Third Party Advisory
security@ubuntu.com	http://www.openwall.com/lists/oss-security/2016/03/02/13	Patch
security@ubuntu.com	https://bugzilla.novell.com/show_bug.cgi?id=969356	Issue Tracking
security@ubuntu.com	https://bugzilla.redhat.com/show_bug.cgi?id=1314331	Issue Tracking
security@ubuntu.com	https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c	Patch, Vendor Advisory
security@ubuntu.com	https://security-tracker.debian.org/tracker/CVE-2015-1339
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/03/02/13	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.novell.com/show_bug.cgi?id=969356	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1314331	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security-tracker.debian.org/tracker/CVE-2015-1339

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
novell	suse_linux_enterprise_debuginfo	11
novell	suse_linux_enterprise_real_time_extension	11

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B389602-4271-4CF2-BA64-4B0DAD8AB4A9",
              "versionEndIncluding": "4.3.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "B942E0F5-7FDC-4AE5-985D-25F4EA7406F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "BFF56CE7-91EF-4FF9-B306-5F00249D9FEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en la funci\u00f3n cuse_channel_release en fs/fuse/cuse.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales provocar una denegaci\u00f3n de servicio (consumo de memoria) o posiblemente tener otro impacto no especificado abriendo /dev/cuse muchas veces."
    }
  ],
  "id": "CVE-2015-1339",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-27T17:59:00.117",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/03/02/13"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=969356"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://security-tracker.debian.org/tracker/CVE-2015-1339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/03/02/13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=969356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security-tracker.debian.org/tracker/CVE-2015-1339"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

suse-su-2016:1707-1

Vulnerability from csaf_suse

Published

2016-06-30 15:03

Modified

2016-06-30 15:03

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1339: Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times (bnc#969356). - CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512). - CVE-2015-8551: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka 'Linux pciback missing sanity checks (bnc#957990). - CVE-2015-8552: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka 'Linux pciback missing sanity checks (bnc#957990). - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010). - CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandles the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504). - CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125). - CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124). - CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958). - CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670). - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948). - CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970). - CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911). - CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909). - CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892). - CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360). The following non-security bugs were fixed: - acpi / pci: Account for ARI in _PRT lookups (bsc#968566). - af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570). - alsa: pcm: Fix potential deadlock in OSS emulation (bsc#968018). - alsa: rawmidi: Fix race at copying & updating the position (bsc#968018). - alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018). - alsa: seq: Fix double port list deletion (bsc#968018). - alsa: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup() (bsc#968018). - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018). - alsa: seq: Fix lockdep warnings due to double mutex locks (bsc#968018). - alsa: seq: Fix race at closing in virmidi driver (bsc#968018). - alsa: seq: Fix yet another races among ALSA timer accesses (bsc#968018). - alsa: timer: Call notifier in the same spinlock (bsc#973378). - alsa: timer: Code cleanup (bsc#968018). - alsa: timer: Fix leftover link at closing (bsc#968018). - alsa: timer: Fix link corruption due to double start or stop (bsc#968018). - alsa: timer: Fix race between stop and interrupt (bsc#968018). - alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018). - alsa: timer: Protect the whole snd_timer_close() with open race (bsc#973378). - alsa: timer: Sync timer deletion at closing the system timer (bsc#973378). - alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378). - dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752). - fs, seqfile: always allow oom killer (bnc#968687). - fs/seq_file: fallback to vmalloc allocation (bnc#968687). - fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687). - hpsa: fix issues with multilun devices (bsc#959381). - ibmvscsi: Remove unsupported host config MAD (bsc#973556). - iommu/vt-d: Improve fault handler error messages (bsc#975772). - iommu/vt-d: Ratelimit fault handler (bsc#975772). - ipv6: make fib6 serial number per namespace (bsc#965319). - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852). - ipv6: per netns fib6 walkers (bsc#965319). - ipv6: per netns FIB garbage collection (bsc#965319). - ipv6: replace global gc_args with local variable (bsc#965319). - kabi, fs/seq_file: fallback to vmalloc allocation (bnc#968687). - kabi: Import kabi files from kernel 3.0.101-71 - kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319). - kabi: Restore kabi after lock-owner change (bnc#968141). - llist: Add llist_next() (fate#316876). - make vfree() safe to call from interrupt contexts (fate#316876). - mld, igmp: Fix reserved tailroom calculation (bsc#956852). - net/core: dev_mc_sync_multiple calls wrong helper (bsc#971433). - net/core: __hw_addr_create_ex does not initialize sync_cnt (bsc#971433). - net/core: __hw_addr_sync_one / _multiple broken (bsc#971433). - net/core: __hw_addr_unsync_one 'from' address not marked synced (bsc#971433). - nfs4: treat lock owners as opaque values (bnc#968141). - nfsd4: return nfserr_symlink on v4 OPEN of non-regular file (bsc#973237). - nfsd: do not fail unchecked creates of non-special files (bsc#973237). - nfs: use smaller allocations for 'struct idmap' (bsc#965923). - pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990). - pciback: Save the number of MSI-X entries to be copied later (bsc#957988). - pci: Move pci_ari_enabled() to global header (bsc#968566). - pci: Update PCI VPD size patch to upstream: - PCI: Determine actual VPD size on first access (bsc#971729). - PCI: Update VPD definitions (bsc#971729). - rdma/ucma: Fix AB-BA deadlock (bsc#963998). - s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413). - scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458). - scsi: mpt2sas: Rearrange the the code so that the completion queues are initialized prior to sending the request to controller firmware (bsc#967863). - skb: Add inline helper for getting the skb end offset from head (bsc#956852). - tcp: avoid order-1 allocations on wifi and tx path (bsc#956852). - tcp: fix skb_availroom() (bsc#956852). - usb: usbip: fix potential out-of-bounds write (bnc#975945). - vmxnet3: set carrier state properly on probe (bsc#972363). - vmxnet3: set netdev parant device before calling netdev_info (bsc#972363). - xfrm: do not segment UFO packets (bsc#946122). - xfs: fix sgid inheritance for subdirectories inheriting default acls [V3] (bsc#965860). - xhci: Workaround to get Intel xHCI reset working more reliably (bnc#898592).

Patchnames

slertesp4-kernel-rt-12636

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n- CVE-2015-1339: Memory leak in the cuse_channel_release function in\n  fs/fuse/cuse.c in the Linux kernel allowed local users to cause a denial\n  of service (memory consumption) or possibly have unspecified other impact\n  by opening /dev/cuse many times (bnc#969356).\n- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c\n  in the Linux kernel allowed physically proximate attackers to cause\n  a denial of service (NULL pointer dereference and system crash) or\n  possibly have unspecified other impact by inserting a USB device that\n  lacks a bulk-out endpoint (bnc#961512).\n- CVE-2015-8551: The PCI backend driver in Xen, when running on an\n  x86 system and using Linux 3.1.x through 4.3.x as the driver domain,\n  allowed local guest administrators to hit BUG conditions and cause\n  a denial of service (NULL pointer dereference and host OS crash) by\n  leveraging a system with access to a passed-through MSI or MSI-X capable\n  physical PCI device and a crafted sequence of XEN_PCI_OP_* operations,\n  aka \u0027Linux pciback missing sanity checks (bnc#957990).\n- CVE-2015-8552: The PCI backend driver in Xen, when running on an\n  x86 system and using Linux 3.1.x through 4.3.x as the driver domain,\n  allowed local guest administrators to generate a continuous stream\n  of WARN messages and cause a denial of service (disk consumption)\n  by leveraging a system with access to a passed-through MSI or MSI-X\n  capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka\n  \u0027Linux pciback missing sanity checks (bnc#957990).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in\n  the Linux kernel did not properly maintain a hub-interface data structure,\n  which allowed physically proximate attackers to cause a denial of service\n  (invalid memory access and system crash) or possibly have unspecified\n  other impact by unplugging a USB hub device (bnc#968010).\n- CVE-2016-2143: The fork implementation in the Linux kernel on s390\n  platforms mishandles the case of four page-table levels, which allowed\n  local users to cause a denial of service (system crash) or possibly\n  have unspecified other impact via a crafted application, related to\n  arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h\n  (bnc#970504).\n- CVE-2016-2184: The create_fixed_stream_quirk function in\n  sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed\n  physically proximate attackers to cause a denial of service (NULL pointer\n  dereference or double free, and system crash) via a crafted endpoints\n  value in a USB device descriptor (bnc#971125).\n- CVE-2016-2185: The ati_remote2_probe function in\n  drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically\n  proximate attackers to cause a denial of service (NULL pointer dereference\n  and system crash) via a crafted endpoints value in a USB device descriptor\n  (bnc#971124).\n- CVE-2016-2186: The powermate_probe function in\n  drivers/input/misc/powermate.c in the Linux kernel allowed physically\n  proximate attackers to cause a denial of service (NULL pointer dereference\n  and system crash) via a crafted endpoints value in a USB device descriptor\n  (bnc#970958).\n- CVE-2016-2188: The iowarrior_probe function in\n  drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically\n  proximate attackers to cause a denial of service (NULL pointer dereference\n  and system crash) via a crafted endpoints value in a USB device descriptor\n  (bnc#970956).\n- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c\n  in the Linux kernel allowed physically proximate attackers to cause a\n  denial of service (NULL pointer dereference and system crash) or possibly\n  have unspecified other impact by inserting a USB device that lacks a\n  (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).\n- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount\n  of unread data in pipes, which allowed local users to cause a denial of\n  service (memory consumption) by creating many pipes with non-default sizes\n  (bnc#970948).\n- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel\n  allowed physically proximate attackers to cause a denial of service\n  (NULL pointer dereference and system crash) via a USB device without\n  both an interrupt-in and an interrupt-out endpoint descriptor, related\n  to the cypress_generic_port_probe and cypress_open functions (bnc#970970).\n- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c\n  in the Linux kernel allowed physically proximate attackers to cause a\n  denial of service (NULL pointer dereference and system crash) via a USB\n  device without both a control and a data endpoint descriptor (bnc#970911).\n- CVE-2016-3139: The wacom_probe function in\n  drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically\n  proximate attackers to cause a denial of service (NULL pointer dereference\n  and system crash) via a crafted endpoints value in a USB device descriptor\n  (bnc#970909).\n- CVE-2016-3140: The digi_port_init function in\n  drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed\n  physically proximate attackers to cause a denial of service (NULL pointer\n  dereference and system crash) via a crafted endpoints value in a USB\n  device descriptor (bnc#970892).\n- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles\n  destruction of device objects, which allowed guest OS users to cause a\n  denial of service (host OS networking outage) by arranging for a large\n  number of IP addresses (bnc#971360).\n\nThe following non-security bugs were fixed:\n- acpi / pci: Account for ARI in _PRT lookups (bsc#968566).\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).\n- alsa: pcm: Fix potential deadlock in OSS emulation (bsc#968018).\n- alsa: rawmidi: Fix race at copying \u0026 updating the position (bsc#968018).\n- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n- alsa: seq: Fix double port list deletion (bsc#968018).\n- alsa: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup() (bsc#968018).\n- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n- alsa: seq: Fix lockdep warnings due to double mutex locks (bsc#968018).\n- alsa: seq: Fix race at closing in virmidi driver (bsc#968018).\n- alsa: seq: Fix yet another races among ALSA timer accesses (bsc#968018).\n- alsa: timer: Call notifier in the same spinlock (bsc#973378).\n- alsa: timer: Code cleanup (bsc#968018).\n- alsa: timer: Fix leftover link at closing (bsc#968018).\n- alsa: timer: Fix link corruption due to double start or stop (bsc#968018).\n- alsa: timer: Fix race between stop and interrupt (bsc#968018).\n- alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018).\n- alsa: timer: Protect the whole snd_timer_close() with open race (bsc#973378).\n- alsa: timer: Sync timer deletion at closing the system timer (bsc#973378).\n- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).\n- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).\n- fs, seqfile: always allow oom killer (bnc#968687).\n- fs/seq_file: fallback to vmalloc allocation (bnc#968687).\n- fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687).\n- hpsa: fix issues with multilun devices (bsc#959381).\n- ibmvscsi: Remove unsupported host config MAD (bsc#973556).\n- iommu/vt-d: Improve fault handler error messages (bsc#975772).\n- iommu/vt-d: Ratelimit fault handler (bsc#975772).\n- ipv6: make fib6 serial number per namespace (bsc#965319).\n- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).\n- ipv6: per netns fib6 walkers (bsc#965319).\n- ipv6: per netns FIB garbage collection (bsc#965319).\n- ipv6: replace global gc_args with local variable (bsc#965319).\n- kabi, fs/seq_file: fallback to vmalloc allocation (bnc#968687).\n- kabi: Import kabi files from kernel 3.0.101-71\n- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).\n- kabi: Restore kabi after lock-owner change (bnc#968141).\n- llist: Add llist_next() (fate#316876).\n- make vfree() safe to call from interrupt contexts (fate#316876).\n- mld, igmp: Fix reserved tailroom calculation (bsc#956852).\n- net/core: dev_mc_sync_multiple calls wrong helper (bsc#971433).\n- net/core: __hw_addr_create_ex does not initialize sync_cnt (bsc#971433).\n- net/core: __hw_addr_sync_one / _multiple broken (bsc#971433).\n- net/core: __hw_addr_unsync_one \u0027from\u0027 address not marked synced (bsc#971433).\n- nfs4: treat lock owners as opaque values (bnc#968141).\n- nfsd4: return nfserr_symlink on v4 OPEN of non-regular file (bsc#973237).\n- nfsd: do not fail unchecked creates of non-special files (bsc#973237).\n- nfs: use smaller allocations for \u0027struct idmap\u0027 (bsc#965923).\n- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).\n- pciback: Save the number of MSI-X entries to be copied later (bsc#957988).\n- pci: Move pci_ari_enabled() to global header (bsc#968566).\n- pci: Update PCI VPD size patch to upstream: - PCI: Determine actual VPD size on first access (bsc#971729). - PCI: Update VPD definitions (bsc#971729).\n- rdma/ucma: Fix AB-BA deadlock (bsc#963998).\n- s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413).\n- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).\n- scsi: mpt2sas: Rearrange the the code so that the completion queues are initialized prior to sending the request to controller firmware (bsc#967863).\n- skb: Add inline helper for getting the skb end offset from head (bsc#956852).\n- tcp: avoid order-1 allocations on wifi and tx path (bsc#956852).\n- tcp: fix skb_availroom() (bsc#956852).\n- usb: usbip: fix potential out-of-bounds write (bnc#975945).\n- vmxnet3: set carrier state properly on probe (bsc#972363).\n- vmxnet3: set netdev parant device before calling netdev_info (bsc#972363).\n- xfrm: do not segment UFO packets (bsc#946122).\n- xfs: fix sgid inheritance for subdirectories inheriting default acls [V3] (bsc#965860).\n- xhci: Workaround to get Intel xHCI reset working more reliably (bnc#898592).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "slertesp4-kernel-rt-12636",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1707-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:1707-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161707-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:1707-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-June/002142.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 898592",
        "url": "https://bugzilla.suse.com/898592"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 940413",
        "url": "https://bugzilla.suse.com/940413"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 946122",
        "url": "https://bugzilla.suse.com/946122"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949752",
        "url": "https://bugzilla.suse.com/949752"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956852",
        "url": "https://bugzilla.suse.com/956852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957988",
        "url": "https://bugzilla.suse.com/957988"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957990",
        "url": "https://bugzilla.suse.com/957990"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959381",
        "url": "https://bugzilla.suse.com/959381"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 960458",
        "url": "https://bugzilla.suse.com/960458"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 961512",
        "url": "https://bugzilla.suse.com/961512"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 963998",
        "url": "https://bugzilla.suse.com/963998"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 965319",
        "url": "https://bugzilla.suse.com/965319"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 965860",
        "url": "https://bugzilla.suse.com/965860"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 965923",
        "url": "https://bugzilla.suse.com/965923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 967863",
        "url": "https://bugzilla.suse.com/967863"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968010",
        "url": "https://bugzilla.suse.com/968010"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968018",
        "url": "https://bugzilla.suse.com/968018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968141",
        "url": "https://bugzilla.suse.com/968141"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968566",
        "url": "https://bugzilla.suse.com/968566"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968670",
        "url": "https://bugzilla.suse.com/968670"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 968687",
        "url": "https://bugzilla.suse.com/968687"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 969356",
        "url": "https://bugzilla.suse.com/969356"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970504",
        "url": "https://bugzilla.suse.com/970504"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970892",
        "url": "https://bugzilla.suse.com/970892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970909",
        "url": "https://bugzilla.suse.com/970909"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970911",
        "url": "https://bugzilla.suse.com/970911"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970948",
        "url": "https://bugzilla.suse.com/970948"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970956",
        "url": "https://bugzilla.suse.com/970956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970958",
        "url": "https://bugzilla.suse.com/970958"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970970",
        "url": "https://bugzilla.suse.com/970970"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971124",
        "url": "https://bugzilla.suse.com/971124"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971125",
        "url": "https://bugzilla.suse.com/971125"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971360",
        "url": "https://bugzilla.suse.com/971360"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971433",
        "url": "https://bugzilla.suse.com/971433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971729",
        "url": "https://bugzilla.suse.com/971729"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 972363",
        "url": "https://bugzilla.suse.com/972363"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 973237",
        "url": "https://bugzilla.suse.com/973237"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 973378",
        "url": "https://bugzilla.suse.com/973378"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 973556",
        "url": "https://bugzilla.suse.com/973556"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 973570",
        "url": "https://bugzilla.suse.com/973570"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 975772",
        "url": "https://bugzilla.suse.com/975772"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 975945",
        "url": "https://bugzilla.suse.com/975945"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1339 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7566 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7566/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8551 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8551/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8552 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8552/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8816 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2143 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2143/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2184 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2185 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2186 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2188 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2782 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2782/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2847 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3137 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3137/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3138 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3138/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3139 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3139/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3140 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3156 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3156/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2016-06-30T15:03:23Z",
      "generator": {
        "date": "2016-06-30T15:03:23Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:1707-1",
      "initial_release_date": "2016-06-30T15:03:23Z",
      "revision_history": [
        {
          "date": "2016-06-30T15:03:23Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-base-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt-base-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt-base-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt-devel-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt_trace-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-source-rt-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-source-rt-3.0.101.rt130-54.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-3.0.101.rt130-54.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-3.0.101.rt130-54.1.x86_64",
                  "product_id": "kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 11 SP4",
                  "product_id": "SUSE Linux Enterprise Real Time 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-base-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt-base-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-source-rt-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-3.0.101.rt130-54.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-3.0.101.rt130-54.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-1339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1339",
          "url": "https://www.suse.com/security/cve/CVE-2015-1339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969356 for CVE-2015-1339",
          "url": "https://bugzilla.suse.com/969356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-1339"
    },
    {
      "cve": "CVE-2015-7566",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7566"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7566",
          "url": "https://www.suse.com/security/cve/CVE-2015-7566"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7566",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961512 for CVE-2015-7566",
          "url": "https://bugzilla.suse.com/961512"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7566"
    },
    {
      "cve": "CVE-2015-8551",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8551"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka \"Linux pciback missing sanity checks.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8551",
          "url": "https://www.suse.com/security/cve/CVE-2015-8551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8551",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957990 for CVE-2015-8551",
          "url": "https://bugzilla.suse.com/957990"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8551"
    },
    {
      "cve": "CVE-2015-8552",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8552"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \"Linux pciback missing sanity checks.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8552",
          "url": "https://www.suse.com/security/cve/CVE-2015-8552"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8552",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957990 for CVE-2015-8552",
          "url": "https://bugzilla.suse.com/957990"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8552"
    },
    {
      "cve": "CVE-2015-8816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8816",
          "url": "https://www.suse.com/security/cve/CVE-2015-8816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968010 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/968010"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 979064 for CVE-2015-8816",
          "url": "https://bugzilla.suse.com/979064"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8816"
    },
    {
      "cve": "CVE-2016-2143",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2143"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2143",
          "url": "https://www.suse.com/security/cve/CVE-2016-2143"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970504 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/970504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 993872 for CVE-2016-2143",
          "url": "https://bugzilla.suse.com/993872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2143"
    },
    {
      "cve": "CVE-2016-2184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2184",
          "url": "https://www.suse.com/security/cve/CVE-2016-2184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2184",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971125 for CVE-2016-2184",
          "url": "https://bugzilla.suse.com/971125"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2184"
    },
    {
      "cve": "CVE-2016-2185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2185",
          "url": "https://www.suse.com/security/cve/CVE-2016-2185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2185",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971124 for CVE-2016-2185",
          "url": "https://bugzilla.suse.com/971124"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2185"
    },
    {
      "cve": "CVE-2016-2186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2186",
          "url": "https://www.suse.com/security/cve/CVE-2016-2186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2186",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970958 for CVE-2016-2186",
          "url": "https://bugzilla.suse.com/970958"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2186"
    },
    {
      "cve": "CVE-2016-2188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2188",
          "url": "https://www.suse.com/security/cve/CVE-2016-2188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1067912 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1067912"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132190 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1132190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970956 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/970956"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2188"
    },
    {
      "cve": "CVE-2016-2782",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2782"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2782",
          "url": "https://www.suse.com/security/cve/CVE-2016-2782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961512 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/961512"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 968670 for CVE-2016-2782",
          "url": "https://bugzilla.suse.com/968670"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-2782"
    },
    {
      "cve": "CVE-2016-2847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2847",
          "url": "https://www.suse.com/security/cve/CVE-2016-2847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970948 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/970948"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 974646 for CVE-2016-2847",
          "url": "https://bugzilla.suse.com/974646"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2847"
    },
    {
      "cve": "CVE-2016-3137",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3137"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3137",
          "url": "https://www.suse.com/security/cve/CVE-2016-3137"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3137",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970970 for CVE-2016-3137",
          "url": "https://bugzilla.suse.com/970970"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-3137"
    },
    {
      "cve": "CVE-2016-3138",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3138"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3138",
          "url": "https://www.suse.com/security/cve/CVE-2016-3138"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970911 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/970911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970970 for CVE-2016-3138",
          "url": "https://bugzilla.suse.com/970970"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-3138"
    },
    {
      "cve": "CVE-2016-3139",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3139"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3139",
          "url": "https://www.suse.com/security/cve/CVE-2016-3139"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3139",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970909 for CVE-2016-3139",
          "url": "https://bugzilla.suse.com/970909"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-3139"
    },
    {
      "cve": "CVE-2016-3140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3140",
          "url": "https://www.suse.com/security/cve/CVE-2016-3140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3140",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970892 for CVE-2016-3140",
          "url": "https://bugzilla.suse.com/970892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-3140"
    },
    {
      "cve": "CVE-2016-3156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3156",
          "url": "https://www.suse.com/security/cve/CVE-2016-3156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-3156",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 971360 for CVE-2016-3156",
          "url": "https://bugzilla.suse.com/971360"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-54.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-54.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-06-30T15:03:23Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3156"
    }
  ]
}

ghsa-4g77-cm25-7q33

Vulnerability from github

Published

2022-05-17 03:37

Modified

2022-05-17 03:37

Severity ?

6.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-1339"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-04-27T17:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.",
  "id": "GHSA-4g77-cm25-7q33",
  "modified": "2022-05-17T03:37:19Z",
  "published": "2022-05-17T03:37:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1339"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=969356"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2015-1339"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/03/02/13"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2016-02590

Vulnerability from cnvd

Title

Linux kernel CUSE Driver组件拒绝服务漏洞

Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel 4.2版本的CUSE Driver组件中存在拒绝服务漏洞，本地攻击者可利用该漏洞影响可用性。

Severity

低

Patch Name

Linux kernel CUSE Driver组件拒绝服务漏洞的补丁

Patch Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel 4.2版本的CUSE Driver组件中存在拒绝服务漏洞，本地攻击者可利用该漏洞影响可用性。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c

Reference

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c

Impacted products

Name
Linux Kernel 4.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1339"
    }
  },
  "description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.2\u7248\u672c\u7684CUSE Driver\u7ec4\u4ef6\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u53ef\u7528\u6027\u3002",
  "discovererName": "Linux",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-02590",
  "openTime": "2016-04-26",
  "patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.2\u7248\u672c\u7684CUSE Driver\u7ec4\u4ef6\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linux kernel CUSE Driver\u7ec4\u4ef6\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Linux Kernel 4.2"
  },
  "referenceLink": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c",
  "serverity": "\u4f4e",
  "submitTime": "2016-04-22",
  "title": "Linux kernel CUSE Driver\u7ec4\u4ef6\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

gsd-2015-1339

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2015-1339

Aliases

CVE-2015-1339

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-1339",
    "description": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.",
    "id": "GSD-2015-1339",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-1339.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-1339"
      ],
      "details": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.",
      "id": "GSD-2015-1339",
      "modified": "2023-12-13T01:20:05.196337Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@ubuntu.com",
        "ID": "CVE-2015-1339",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[oss-security] 20160302 CVE-2015-1339: Linux Kernel: memory exhaustion via CUSE driver",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/03/02/13"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c"
          },
          {
            "name": "SUSE-SU-2016:1707",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
          },
          {
            "name": "https://bugzilla.novell.com/show_bug.cgi?id=969356",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=969356"
          },
          {
            "name": "openSUSE-SU-2016:1008",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
          },
          {
            "name": "https://security-tracker.debian.org/tracker/CVE-2015-1339",
            "refsource": "CONFIRM",
            "url": "https://security-tracker.debian.org/tracker/CVE-2015-1339"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.6",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2015-1339"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2015-1339",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security-tracker.debian.org/tracker/CVE-2015-1339"
            },
            {
              "name": "[oss-security] 20160302 CVE-2015-1339: Linux Kernel: memory exhaustion via CUSE driver",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/03/02/13"
            },
            {
              "name": "https://bugzilla.novell.com/show_bug.cgi?id=969356",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=969356"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314331"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/2c5816b4beccc8ba709144539f6fdd764f8fa49c"
            },
            {
              "name": "SUSE-SU-2016:1707",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
            },
            {
              "name": "openSUSE-SU-2016:1008",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.5,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-12-01T02:59Z",
      "publishedDate": "2016-04-27T17:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2015-1339 (GCVE-0-2015-1339)

Vulnerability from cvelistv5

fkie_cve-2015-1339

Vulnerability from fkie_nvd

suse-su-2016:1707-1

Vulnerability from csaf_suse

ghsa-4g77-cm25-7q33

Vulnerability from github

cnvd-2016-02590

Vulnerability from cnvd

gsd-2015-1339

Vulnerability from gsd

Tags

Sightings

Nomenclature